A forum for reverse engineering, OS internals and malware analysis 

Search found 1105 matches


Re: Rootkit TDL 4 (alias TDSS, Alureon.DX, Olmarik)

 by rkhunter ¦  Sat Jul 02, 2011 6:15 pm ¦  Forum: Malware ¦  Topic: Rootkit TDL 4 (alias TDSS, Alureon.DX, Olmarik) ¦  Replies: 595 ¦  Views: 641109

5.3 The Windows OS Loader patch (KB2506014)

Re: Rootkit TDL 4 (alias TDSS, Alureon.DX, Olmarik)

 by rkhunter ¦  Sat Jul 02, 2011 6:08 pm ¦  Forum: Malware ¦  Topic: Rootkit TDL 4 (alias TDSS, Alureon.DX, Olmarik) ¦  Replies: 595 ¦  Views: 641109

To EP_XOFF:
Do you mean the patch about the export table of kdcom (see chapter 5.3)? But I mean the article's features about P2P network use and kad.dll.

Re: Rootkit TDL 4 (alias TDSS, Alureon.DX, Olmarik)

 by rkhunter ¦  Sat Jul 02, 2011 5:55 pm ¦  Forum: Malware ¦  Topic: Rootkit TDL 4 (alias TDSS, Alureon.DX, Olmarik) ¦  Replies: 595 ¦  Views: 641109

To EP_XOFF:
Outdated? As I saw, this new information about features of the TDL botnet was taken from the blog of David Harley dated 1 July.

Re: Popureb rootkit

 by rkhunter ¦  Sat Jul 02, 2011 5:45 pm ¦  Forum: Malware ¦  Topic: Popureb rootkit ¦  Replies: 24 ¦  Views: 23203

It's my small research about this incident:

http://blogs.drweb.com/node/823

Re: Rootkit TDL 4 (alias TDSS, Alureon.DX, Olmarik)

 by rkhunter ¦  Sat Jul 02, 2011 1:41 pm ¦  Forum: Malware ¦  Topic: Rootkit TDL 4 (alias TDSS, Alureon.DX, Olmarik) ¦  Replies: 595 ¦  Views: 641109

Matrosov wrote on Twitter that ESET updated info about the TDL botnet - http://www.eset.com/us/resources/white- ... of_TDL.pdf
=)

Re: Rootkit TDL 4 (alias TDSS, Alureon.DX, Olmarik)

 by rkhunter ¦  Sat Jul 02, 2011 10:33 am ¦  Forum: Malware ¦  Topic: Rootkit TDL 4 (alias TDSS, Alureon.DX, Olmarik) ¦  Replies: 595 ¦  Views: 641109

Another article about TDL4 research: http://danuxx.blogspot.com/2011/03/tdss ... art-1.html

Re: Popureb rootkit

 by rkhunter ¦  Fri Jul 01, 2011 1:27 pm ¦  Forum: Malware ¦  Topic: Popureb rootkit ¦  Replies: 24 ¦  Views: 23203

Re: Popureb rootkit

 by rkhunter ¦  Thu Jun 30, 2011 9:25 am ¦  Forum: Malware ¦  Topic: Popureb rootkit ¦  Replies: 24 ¦  Views: 23203

Symantec about the Microsoft article: http://www.symantec.com/connect/blogs/mbr-confusion

Re: Rootkit TDL 3 (alias TDSS, Alureon.TC, Olmarik)

 by rkhunter ¦  Wed Jun 29, 2011 6:48 pm ¦  Forum: Malware ¦  Topic: Rootkit TDL 3 (alias TDSS, Alureon.CT, Olmarik) ¦  Replies: 395 ¦  Views: 284473

To EP_XOFF:

Do you dump files from its VFS with ESET TdlFsReader? :)

Question about rootkit.com

 by rkhunter ¦  Sun Jun 26, 2011 9:31 am ¦  Forum: General Discussion ¦  Topic: Question about rootkit.com ¦  Replies: 1 ¦  Views: 3228

Excuse me, maybe it's off-topic, but.

Does anyone know when the rootkit.com site will be up, or is it dead forever? And will there be an analog of this site?

whois for it:

Domain Name: ROOTKIT.COM
Record expires on 02-Mar-2015.
