Bot with Rootkit: Update and Mine!

Botconf 2019
2023-04-24 | 10:20 – 10:40

Alexander Eremin 🗣 | Alexey Shulmin 🗣

In June of 2019 we got an interesting sample. When analyzing the activity of this sample, we noticed that for some reason it downloaded a legitimate Microsoft update KB3033929 from its own CnC and installed it on infected machine. And things got more interesting when we began to dig deeper…

Slides Icon

Scroll to Top