Search found 269 matches

by kmd
Sat Jan 12, 2019 6:35 am
Forum: Completed Malware Requests
Topic: Looking for itkvar.sys
Replies: 1
Views: 544

Looking for itkvar.sys

Intel NUC update driver from Intel Integrator Toolkit Application(?)

SHA1
9508b501fd8453732decf2d3061598a5d4c3c648

Thanks!
by kmd
Thu Dec 06, 2018 4:12 am
Forum: Completed Malware Requests
Topic: Looking for presumably NATO supplied APT
Replies: 1
Views: 846

Looking for presumably NATO supplied APT

only MD5:

92b1c50c3ddf8289e85cbb7f8eead077
1cbc626abbe10a4fae6abf0f405c35e2
2abb76d71fb1b43173589f56e461011b

Thanks!
by kmd
Mon Oct 03, 2016 9:27 am
Forum: Tools/Software
Topic: DSEFix - Defeating x64 Driver Signature Enforcement
Replies: 39
Views: 184834

Re: DSEFix - Defeating x64 Driver Signature Enforcement

Hello, are you going to use capcom.sys for a similar loader?
by kmd
Sun Jun 19, 2016 12:26 pm
Forum: Malware
Topic: Taggant vs malware
Replies: 1
Views: 3946

Taggant vs malware

Hey,
http://standards.ieee.org/develop/indco ... aggant.pdf is it worth anything Vs. malware? Opinions?
by kmd
Thu Feb 11, 2016 5:55 am
Forum: Tools/Software
Topic: VBoxAntiVMDetectHardened mitigation X64 only
Replies: 249
Views: 1747159

Re: VBoxAntiVMDetectHardened mitigation X64 only (27/01/16)

is there any patch for 5.0.14 available? thanks!
by kmd
Wed Jan 20, 2016 9:55 am
Forum: Malware
Topic: ZeroAccess (alias MaxPlus, Sirefef)
Replies: 557
Views: 570616

Re: ZeroAccess (alias MaxPlus, Sirefef)

hi, why is the number of bots online so small?
by kmd
Fri Jun 19, 2015 2:32 pm
Forum: Tools/Software
Topic: UACMe - Defeating Windows User Account Control
Replies: 136
Views: 440577

Re: UACMe - Defeating Windows User Account Control

In addition, 10147 broke the ISecurityEditor->SetSecurity method. It now returns E_INVALID_ARG. It could be a method parameters change or internal reworking. This means methods related to Simda are dead. Dead for a while (if it is possible to recover the new definition of the interface) or completely (if this change ...
by kmd
Tue Mar 31, 2015 3:05 pm
Forum: Tools/Software
Topic: UACMe - Defeating Windows User Account Control
Replies: 136
Views: 440577

Re: UACMe - Defeating Windows User Account Control

have you figured out why gootkit method doesn't work on win10?
by kmd
Wed Jan 28, 2015 5:29 pm
Forum: Malware
Topic: Necurs - another x64 rootkit
Replies: 70
Views: 96730

Re: Necurs - another x64 rootkit

me again 8-) i'm planning to test this rootkit on x64 windows, should i take the latest win version or try on smth like windows 7?
by kmd
Wed Jan 28, 2015 5:27 pm
Forum: Reverse Engineering and Debugging
Topic: warthunder and windbg
Replies: 2
Views: 7103

Re: warthunder and windbg

yeah they have this check in all exe-s, maybe sort of shared framework, anyway simple patch of NtQuerySystemInformation did the job.