Backdoor.Batel

Forum for analysis and discussion about malware.
Post Reply
User avatar
R136a1
Forum Admin
Posts: 218
Joined: Wed Jul 13, 2011 4:30 pm
Location: Netherlands

Backdoor.Batel

Post by R136a1 » Tue Sep 27, 2016 11:14 am

Hi folks,

here are two samples of Backdoor.Batel, a small shellcode like dll file. Nothing special though, the technique is nearly identical to the one described here, except this time it's realized as a standalone dll: https://blog.cylance.com/operation-clea ... epad-files

PDB path string:

Code: Select all

C:\Users\DNS\Documents\shellcode\BATLE_SOURCE\DLL_CRSS_DATA-KEY_10-02-2016\Release\32.pdb
Files:
https://virustotal.com/en/file/001221d6 ... /analysis/
https://virustotal.com/en/file/1d9ded30 ... /analysis/
You do not have the required permissions to view the files attached to this post.

Post Reply