Security-X
Security-X Forum => General Security => Discussion started by: igor51 on February 18, 2015, 19:31:28
-
https://drive.google.com/a/cyphort.com/file/d/0B9Mrr-en8FX4dzJqLWhDblhseTA/view?pli=1
The subject of this analysis is a fascinating piece of malware, which invades Windows desktop
machines and aims at... well, all the things. The analyzed malware consists of a dropper and an
implant, which invades Windows processes to steal data from instant messengers, softphones,
browsers and office applications. A full-blown espionage kit, so to say, sophisticated almost. The
implant is able to hook APIs of interest in dedicated remote processes, to steal data on the fly.