FIRST PART: based on the behaviour. NB: "Accès refusé" on the screenshots means "Access denied". 1) Execution protection: a) with the Task Manager launched via Ctrl+Alt+Del: F1/F2; b) with...
These tests concern endpoint threats: with the success of USB keys, iPods and removable media, these are an excellent attack and infection vector. Tests a, b and c are simple demos which dump the...
B) Classical ("hiders"/intrusion/hacker tools), malware/automated and demo rootkits: 1) Hiding a process with Trojan.Constructor.Uniskit.H (BitDefender name): a) detection: P1/P2. By...
C) Stealth keyloggers: here only detection is tested, since these commercial programs need to be installed first with administrator privileges. Some keyloggers hide their own folders (not seen in...
Rootkit prevention and detection. A) Detection and prevention: for prevention (service/driver installation, physical memory access) see also part 1 (behaviour tests). Here we use Agony...
-Backdoor Aladino: P1/P2 -Backdoor Clindestine.152.A: P1/P2 (Symantec? Never heard of that...) -Backdoor.Yuri (DrWeb and Panda have the more appropriate name): P1/P2. The "disable Task...
-Bdoor backdoor: P1/P2 -Hanuman backdoor: F1/P2 (this backdoor does not try to persist by writing the Run key, hence F1) -HKShell backdoor: P1/P2 -ICMPDoor backdoor: P1/P2. NB: ICMP is considered as a...
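The "writes the Run key" behaviour that separates the F1 result from the P1 results above can be verified independently of any HIPS: snapshot the autorun Run/RunOnce keys, execute the sample, snapshot again and diff. The script below is an added example, not code from the original blog or from any of the tested products; the sample path is a hypothetical placeholder and it is assumed the script runs as the same user that launches the sample.

```powershell
# Added example (not from the original blog): detect persistence via the Run key
# by diffing the Run/RunOnce registry keys before and after a sample executes.
# Assumptions: run under the same account as the sample; sample path is a placeholder.

$RunKeys = @(
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
)

# PowerShell adds these provider properties to every registry item; they are not values.
$ProviderProps = @('PSPath', 'PSParentPath', 'PSChildName', 'PSDrive', 'PSProvider')

function Get-RunEntries {
    # Returns a hashtable keyed "KeyPath|ValueName" -> command line string.
    $entries = @{}
    foreach ($key in $RunKeys) {
        if (-not (Test-Path -Path $key)) { continue }
        $item = Get-ItemProperty -Path $key
        foreach ($prop in $item.PSObject.Properties) {
            if ($ProviderProps -contains $prop.Name) { continue }
            $entries["$key|$($prop.Name)"] = [string]$prop.Value
        }
    }
    return $entries
}

function Compare-RunEntries {
    # Reports entries that are new, or whose command line changed, between two snapshots.
    param([hashtable]$Before, [hashtable]$After)
    $changed = @()
    foreach ($k in $After.Keys) {
        if (-not $Before.ContainsKey($k) -or $Before[$k] -ne $After[$k]) {
            $changed += [pscustomobject]@{ Entry = $k; Command = $After[$k] }
        }
    }
    return $changed
}

$before = Get-RunEntries

# Hypothetical sample path: launch the backdoor under test here, then give it time
# to write its persistence entry.
# Start-Process -FilePath 'C:\samples\sample.exe'
Start-Sleep -Seconds 5

$after = Get-RunEntries
$new = Compare-RunEntries -Before $before -After $after

if ($new.Count -eq 0) {
    Write-Output 'No new Run/RunOnce entries: the sample did not persist via the Run key.'
} else {
    Write-Output 'New or modified Run/RunOnce entries:'
    $new | Format-Table -AutoSize
}
```

A sample that persists elsewhere (a service, a scheduled task, a Winlogon or Userinit value) will show nothing here, which is exactly the gap the F1 result for Hanuman illustrates: the Run-key test only scores what it was written to look at.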
In parts 7 and 8 we'll illustrate trojan spies and trojan bankers, a kind of Brazilian speciality... People who usually surf on .Br or .Por domains should take a look at this site, where a helpful forum...
-Trojan Downloader Small.Dam: P1/P2 -Trojan Obfuscated.Ev: P1/P2 -Trojan Spy Lmir.Bgk: P1/P2 -Trojan Spy Mara.Bo: P1/P2 -Trojan Spy Small.Bs: P1/P2. Here again the names of system processes are used:...
-Trojan Spy QQPass.Rq: P1/P2 -Trojan Spy Bancos.Tl: P1/P2 -Trojan Spy Bancos.Yt: P1/P2 -Trojan Spy Banker.Axc: P1/P2 -Trojan Spy Banker.Ccc: P1/P2 -Trojan Spy PdPinch.Gen: P1/P2 -Trojan Spy Banbra:...