  1. 1. Virus Total: https://www.virustotal.com/file/bb72ab3ac1dc5f358391a44b2a9be333d06304d205945f04a768e63c96cb6b5a/analysis/1359101967/
     2. What can it do:
        (1) The malware injects code into explorer.exe.
        (2) The explorer.exe executes a svchost.exe.
        (3) The svchost.exe creates an autorun entry.
     3. Tests:
     4. Result:
        HIPS --> failed
        Run Safer --> failed
        Autoruns --> failed
     5. Environment: Windows XP Pro SP3 32bit
     6. Product Version: Free
  2. 1. I open the website, which is from the malwaredomainlist, then check the box and click "block".
     2. But OA pops up an alert window.
     3. I check the processes with Process Explorer.
     4. The malware starts successfully, but OA does not block it.
     5. Environment: Windows XP SP3 32bit, Java 6.0.220, IE8, Online Armor Premium
