Jump to content
Tuts 4 You

SimbiOZ, is that a malware


movzxEax

Recommended Posts

This's un unpackme from the unpackmes collection uploaded on tuts4you server

It has a very strange behavior,

it replaces the svchost.exe sercive + tries to scan all opened processes + tries to change the page protection of some places in these processes

After each run, It crashes all opened apps (even kaspersky AV + Outpost firewall + explorer olso ...) all processes are closed

It's very strange

I first lunched it under vista no sp -> crashes all

and then I tried to figure out what happened (but leak of time) and can't go further now

Please if someone has some extra time and can analyse this unpackme, it will be a great help

thank you.

BE CAREFULL, DON'T RUN IT OUT OF A VM TILL WE FIND OUT WHAT IT REALLY DOES

unpackme is here

Link to comment
  • 2 weeks later...

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...