https://www.zdnet.de/88351787/malware-a ... usweitung/
https://securityaffairs.co/wordpress/79 ... lware.html
Primitive copy-paste ransomware.
VT
https://www.virustotal.com/en/file/0cc9 ... 551276309/
Contains the UAC bypass from this topic http://www.kernelmode.info/forum/viewto ... mgr#p28872, pkgmgr uacme #23. The author managed to trash it down to his mad skills level. Specifically, this was the only thing I was interested in in this sample. The malware implemented this method as a standalone executable(!) and a standalone payload DLL stored in the resources of the executable. Attached as uacbypass.zip.
Attachments
pass: infected
(10.39 KiB) Downloaded 49 times
pass: infected
(267.71 KiB) Downloaded 54 times
Ring0 - the source of inspiration