About 41.w4r10r
- Location:
- Pune
- Interests:
- Information Security
- Occupation:
- Security Researcher
Total Posts
- Total Posts
- 338
- Posts Per Day
- 0.10
General Information
- Last Activity
- 05-05-2017 10:36 AM
- Join Date
- 07-08-2010
- Referrals
- 3
18 Friends
Showing Friends 1 to 10 of 18
View 41.w4r10r's Blog
by
41.w4r10r on 12-04-2013 at 04:04 PM
On Behalf of Arunpreet Singh
ZeroAccess new variant (crypter) is in the news from past few days. It is different from traditional crypters which either uses RunPE or overwrite the original image with decrypted Image.It is already covered in avast blog post ,so i will just summarize it in shorter steps.It Basically uses Self debugging concept (it’s not a new thing)
1)Launch its own instance in debug mode (child process)
2)Parents Process Enter into debug
Read More