The Latest in IT Security

Posts Tagged ‘stack’

The new variant of Bootkit.Trup is making the rounds, and it has been updated to protect the infected MBR. The encryption used in Bootkit.Trup.B is very similar to that of its old variant, “Bootkit.Trup.A”: a simple rotate right (ROR) operation. It gets the drive geometry of the infected disk and then calculates a position near the end of the partition to store […]


Recently while I was analyzing a bunch of samples packed by custom packers, one of them struck me as a bit different than any others I saw before. At first glance, the outer layer of packing is a UPX stub, which is commonly used in malware. Especially when combined with a custom packer, UPX can […]


The bootkit malware Trojan:Win32/Popureb.E has made some changes in its code compared to previous samples (specifically, Trojan:Win32/Popureb.B), and now it introduces a driver component to prevent the malicious MBR and other malicious data stored as disk sectors from being changed. The driver component protects the data in an unusual way – by hooking the DriverStartIo […]
