https://www.zdnet.de/88351787/malware-a ... usweitung/
https://securityaffairs.co/wordpress/79 ... lware.html
Primitive copy-paste ransomware.
https://www.virustotal.com/en/file/0cc9 ... 551276309/
Contains the UAC bypass from this topic http://www.kernelmode.info/forum/viewto ... mgr#p28872, pkgmgr uacme #23. The author managed to trash it down to his mad skills level. Specifically, this was the only thing I was interested in in this sample. The malware implemented this method as a standalone executable(!) and a standalone payload dll stored in the resources of the executable. Attached as uacbypass.zip.