Malware Domain List

Malware Related => Tools of the trade / Internet News => Topic started by: SysAdMini on October 12, 2009, 08:15:11 pm

Title: New ZBots and Emulation/Virtualization
Post by: SysAdMini on October 12, 2009, 08:15:11 pm
http://sunbeltblog.blogspot.com/2009/10/new-zbots-and-emulationvirtualization.html

Quote
In my talk at the University of Florida (video link here) i pointed out how important correct error handling in Emulation/Virtualization is. Today we got new ZBot samples and they are using exactly that to avoid generic emulation / unpacking. I had 5 min time to take a couple of Screenshots and to add some comments to it. So here is a closer look to the tartup-code of these ZBots.