❌

Normal view

There are new articles available, click to refresh the page.
Yesterday — 25 September 2023Hexacorn Ltd
Before yesterdayHexacorn Ltd

The secret of 961c151d2e87f2686a955a9be24d316f1362bf21

By: adam
3 September 2023 at 18:00
I recently came across a malware sample that included the following, mysterious string: There are a few versions of this strings out there (extracted from a few malware samples downloaded in 2023): 961c151d2e87f2686a955a9be24d316f1362bf21 2.1.1 961c151d2e87f2686a955a9be24d316f1362bf21 3.5.0 961c151d2e87f2686a955a9be24d316f1362bf21 3.6.1 961c151d2e87f2686a955a9be24d316f1362bf21 3.9.1 … Continue reading →

An Elf walks into the bar…

By: adam
11 May 2023 at 22:29
Windows 11’s advapi32.dll includes interesting export functions: ElfBackupEventLogFileA ElfBackupEventLogFileW ElfChangeNotify ElfClearEventLogFileA ElfClearEventLogFileW ElfCloseEventLog ElfDeregisterEventSource ElfFlushEventLog ElfNumberOfRecords ElfOldestRecord ElfOpenBackupEventLogA ElfOpenBackupEventLogW ElfOpenEventLogA ElfOpenEventLogW ElfReadEventLogA ElfReadEventLogW ElfRegisterEventSourceA ElfRegisterEventSourceW ElfReportEventA ElfReportEventAndSourceW ElfReportEventW And I […]
❌
❌