Bot with Rootkit: Update and Mine!
2023-04-24 | 10:20 – 10:40
In June of 2019 we got an interesting sample. When analyzing the activity of this sample, we noticed that for some reason it downloaded a legitimate Microsoft update KB3033929 from its own CnC and installed it on infected machine. And things got more interesting when we began to dig deeper…