cuckoosandbox / community

Repository of modules and signatures contributed by the community

Add in signature for ATM malware #430

Open kevross33 opened 6 years ago

kevross33 commented 6 years ago

Create initial signature for ATM malware; I am trying to work out how to get more dynamic info out of ATM malware with the specific required DLLs. It may be that some hooks will be required to truly analyse ATM malware, but at first this is an initial signature in order to identify importing the necessary DLLs to identify potential ATM samples (dynamic LdrLoadDll I have, but I am struggling to get good execution).

kevross33 commented 6 years ago

SHA256: cc85e8ca86c787a1c031e67242e23f4ef503840739f9cdc7e18a48e4a6773b38
