A forum for reverse engineering, OS internals and malware analysis 

Search found 1105 matches

Finfisher rootkit

 by rkhunter ¦  Fri Jan 13, 2017 6:11 pm ¦  Forum: Malware ¦  Topic: Finfisher rootkit ¦  Replies: 0 ¦  Views: 5981

Re: Linux/Mirai

 by rkhunter ¦  Sun Oct 02, 2016 9:44 am ¦  Forum: Malware ¦  Topic: Linux/Mirai ¦  Replies: 11 ¦  Views: 22179

MMD-0056-2016 - Linux/Mirai, how an old ELF malcode is recycled.. ~ http://blog.malwaremustdie.org/2016/08/mmd-0056-2016-linuxmirai-just.html Frankly speaking, I'm really glad to see that he started to do something directly related to his work, besides war with windmills, "approve" ppl in own twitt...

Re: Enhanced Mitigation Experience Toolkit (EMET)

 by rkhunter ¦  Mon Sep 26, 2016 2:37 pm ¦  Forum: Tools/Software ¦  Topic: Enhanced Mitigation Experience Toolkit (EMET) ¦  Replies: 12 ¦  Views: 47111

Question about Windows 10/8.1 booting process

 by rkhunter ¦  Tue Jul 12, 2016 11:33 am ¦  Forum: Reverse Engineering and Debugging ¦  Topic: Question about Windows 10/8.1 booting process ¦  Replies: 0 ¦  Views: 8484

Guys, can anyone point me to resources which describe subj? Interesting early loading steps, before execution flow passes to ntoskrnl.

Re: Necurs - another x64 rootkit

 by rkhunter ¦  Thu Jun 02, 2016 1:29 pm ¦  Forum: Malware ¦  Topic: Necurs - another x64 rootkit ¦  Replies: 70 ¦  Views: 96740

Necurs Botnet has over 1 Million infected Bots

http://blog.anubisnetworks.com/blog/mon ... he-iceberg

Re: The NT Insider: July/August 2015 Issue

 by rkhunter ¦  Thu Jun 02, 2016 1:28 pm ¦  Forum: Kernel-Mode Development ¦  Topic: The NT Insider: July/August 2015 Issue ¦  Replies: 7 ¦  Views: 28032

Re: ObRegisterCallbacks functions list

 by rkhunter ¦  Fri Apr 22, 2016 6:30 am ¦  Forum: Reverse Engineering and Debugging ¦  Topic: ObRegisterCallbacks functions list ¦  Replies: 2 ¦  Views: 10380

Ok, thx for the info. I've already solved my problem with a workaround. :)

ObRegisterCallbacks functions list

 by rkhunter ¦  Thu Apr 21, 2016 5:36 pm ¦  Forum: Reverse Engineering and Debugging ¦  Topic: ObRegisterCallbacks functions list ¦  Replies: 2 ¦  Views: 10380

Guys, can u recommend me an ARK to check the list of callbacks registered with subj?

Re: WinNT/Ursnif

 by rkhunter ¦  Mon Apr 18, 2016 10:22 am ¦  Forum: Malware ¦  Topic: WinNT/Ursnif (alias ISFB/Gozi) ¦  Replies: 50 ¦  Views: 68011

Re: Linux/Mumblehard

 by rkhunter ¦  Mon Apr 11, 2016 11:04 am ¦  Forum: Malware ¦  Topic: Linux/Mumblehard ¦  Replies: 1 ¦  Views: 4605

Mumblehard takedown ends army of Linux servers from spamming

http://www.welivesecurity.com/2016/04/0 ... -spamming/
