One Article Review
| Source |  Malwarebytes Labs |
|---|---|
| Identifiant | 773788 |
| Date de publication | 2018-08-09 18:52:05 (vue: 2018-08-09 22:03:24) |
| Titre | Osiris dropper found using process doppelgänging |
| Texte |
Process doppleganging, a rare technique of impersonating a process, was discovered last year, but hasn't been seen much in the wild since. It was an interesting surprise, then, to discover its use in a dropper of the Osiris banking Trojan. We unpack the code to show how malware authors used this process.
Categories:
Malwarebytes news
Tags: dropperkronososirisOsiris dropperprocess dopplegangingtrojan
(Read more...)
|
| Envoyé | Oui |
| Condensat | appeared authors banking been but categories: code discover discovered doppelgänging doppleganging dopplegangingtrojan dropper dropperkronososirisosiris dropperprocess first found hasn how impersonating interesting its labs last malware malwarebytes more much news osiris post process rare read seen show since surprise tags: technique then trojan unpack use used using wild year |
| Tags | Malware |
| Stories | |
| Notes | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ressemble à 1 autre(s) article(s):
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
|
2018-08-13 18:29:05 | (Déjà vu) Process Doppelgänging meets Process Hollowing in Osiris dropper (lien direct) |
Process doppleganging, a rare technique of impersonating a process, was discovered last year, but hasn't been seen much in the wild since. It was an interesting surprise, then, to discover its use mixed in with Process Hollowing, yet another technique, in a dropper for the Osiris banking Trojan.
Categories:
Malware
Threat analysis
Tags: dropperkronososirisOsiris dropperprocess dopplegangingtrojan
(Read more...)
|