Floki Bot and the stealthy dropper

The Floki Dropper looks simple, and it has been found in the wild without any outer protection layer. It has 3 resources with descriptive names: bot32, bot64, and key. When we try to observe its activity, we can see it making an injection into explorer. However, when we trace the API calls, we cannot find any reference to a function that will write the code into the explorer process. Instead of leaving artifacts for easy detection, the author was trying not to leave any artifacts that could allow easy detection.

Source: https://blog.malwarebytes.com/threat-analysis/2016/11/floki-bot-and-the-stealthy-dropper/
