a256886572008

Member
  • Content Count

    5
  • Joined

  • Last visited

Community Reputation

0 Neutral

About a256886572008

  • Rank
    New Member
  1. 1. Virus Total: https://www.virustotal.com/file/bb72ab3ac1dc5f358391a44b2a9be333d06304d205945f04a768e63c96cb6b5a/analysis/1359101967/ 2. What can it do: (1) The malware injects code to the explorer.exe. (2) The explorer.exe executes a svchost.exe. (3) The svchost.exe creates an autorun entry. 3.Tests: 4. Result: HIPS --> failed Run Safer --> failed Autoruns --> failed 5.Environment: Windows XP Pro SP3 32bit 6.Product Version: 6.0.0.1736 Free
  2. 1.I open the website which is from the malwaredomainlist, then check the box and click "block" 2.but oa popups an alert window 3.I check the processes with the process explorer. 4.The malware starts succesfully, but OA does not block. 5.environment: Windows XP SP3 32bit Java 6.0.220 IE8 Online Armor Premium 5.5.0.1594