A forum for reverse engineering, OS internals and malware analysis 

Forum for analysis and discussion about malware.
 #1029  by EP_X0FF
 Fri May 07, 2010 5:15 pm
BTW, is there any solution to getting rid of this MBR Rootkit?
fixmbr? :D Always worked in the past.
 #1035  by PX5
 Fri May 07, 2010 11:43 pm
No joy in VBox, No Joy in VM, All sorts of happiness in my live box, bazzas dug in too deep, blue screens were all I would see at first.

The newer batch seems far more revised, does a fine job of stealthing self and has sex with IE like linkoptimizer did.

Very Very impressed with this last release, runs cleanly inside the live environment but looks of code imply, you'll never see it virtualized, probably the most impressive part of code.

Seems I had some links to dloaders somewhere around here, will see can I fetch em up. ;)