Malware Domain List
Malware Related => Malware Analysis => Topic started by: SysAdMini on November 04, 2008, 01:49:10 pm
-
Locating Hidden Clampi DLLs (VAD-style)
http://mnin.blogspot.com/2008/11/locating-hidden-clampi-dlls-vad-style.html
-
that's a good read. thanks for sharing.
-
Recovering CoreFlood Binaries with Volatility
http://mnin.blogspot.com/2008/11/recovering-coreflood-binaries-with.html
-
Malfind Volatility Plug-In
http://mnin.blogspot.com/2009/01/malfind-volatility-plug-in.html
Malfind.py is a Volatility plug-in to find and extract hidden and/or injected code from physical memory dumps. It basically streamlines the multiple steps described in the two previous posts (Recovering CoreFlood Binaries with Volatility and Locating Hidden Clampi DLLs VAD-Style).