The Latest in IT Security

Posts Tagged ‘win64’

The Powerloader 64-bit update based on leaked exploits

27
Aug
2013

A few months ago on this blog I described PowerLoader functionality including an interesting way for privilege escalation into the explorer.exe system process. The leaked PowerLoader code is also used in other malware families. For example the Win32/Gapz dropper is based on leaked PowerLoader code. In August 2013 we have tracked a new modification of […]

Category General Written by We Live Security 0 Comments

Read more ...

More 64-bit obfuscator madness

20
Jul
2012

Just after we published a blog about a 64-bit obfuscator, we very quickly discovered another malware family following the same trend. Claretore is also using two-layer 64-bit obfuscation, although it does it a little differently to Ursnif. The first layer simply decrypts the code of the second layer and passes it control. There’s even a 64-bit […]

Category General Written by Microsoft Malware Protection Center 0 Comments

Read more ...

ZeroAccess: code injection chronicles

26
Jun
2012

At the end of spring 2012, the rootkit family Win32/Sirefef and Win64/Sirefef (also known as ZeroAccess) was updated. We start tracking the first updated samples at the beginning of May when a new affiliation program started for the distribution of a new ZeroAccess version. The updated version of Sirefef doesn’t use kernel-mode drivers, as was […]

Category General Written by ESET ThreatBlog 0 Comments

Read more ...

« Older Entries

Categories

FRIDAY, APRIL 26, 2024
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments