A forum for reverse engineering, OS internals and malware analysis 

Search found 4 matches

Re: Win32/Poweliks

 by Ta!0n ¦  Fri Jun 19, 2015 9:17 pm ¦  Forum: Malware ¦  Topic: Win32/Poweliks ¦  Replies: 36 ¦  Views: 110089

Attached sample

Sednit samples

 by Ta!0n ¦  Fri May 15, 2015 7:29 pm ¦  Forum: Malware ¦  Topic: Win32/Sednit (Trojan.Sofacy, APT28) ¦  Replies: 2 ¦  Views: 4824

Seems to share characteristics with Carberp: https://github.com/hzeroo/Carberp

TorrentLocker

 by Ta!0n ¦  Wed Dec 17, 2014 1:32 am ¦  Forum: Malware ¦  Topic: TorrentLocker ¦  Replies: 3 ¦  Views: 3018

Yo,

Does anyone have sha1/md5?

Cheers,

ta10n.

Patching SSDT using Sign Driver

 by Ta!0n ¦  Tue Oct 28, 2014 5:37 pm ¦  Forum: General Discussion ¦  Topic: Patching SSDT using Sign Driver ¦  Replies: 4 ¦  Views: 7000

Hey guys, just finished reading the Kaspersky Hooking Engine Analysis documentation: https://quequero.org/2014/10/kaspersky-hooking-engine-analysis/ I have a quick question: the article refers to SSDT hooking in 32-bit Windows. How can they achieve the SSDT hooking on x86_64? Patch Guard will prevent an...