Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


LTC Mining Software Being Pushing Into Memory

  • Please log in to reply
No replies to this topic

#1 aspeer06


  • Members
  • 1 posts
  • Local time:06:41 AM

Posted 03 June 2014 - 07:50 PM

So we've grabbed some samples of some code that appears to use a buffer overflow of sorts and installs mining software on computers but we can't tell what else it's doing.

I've found that its PE32 and need to find someone who is better at reading the assembly than I am as I keep getting lost.


Here's a sample just for reference: https://malwr.com/analysis/ZWYxOGI2OGJlN2U1NDYzZWI4MDA4M2RhZWJjZmNlNGQ/


So far we've been in contact with some AV vendors and they've written definitions but none will help us with the assembly part. We need to know if it is/has done anything else besides the mining.

BC AdBot (Login to Remove)


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users