Wednesday, March 28, 2012

The Mystery of Duqu: Part Five

Driver

The driver is the first component of Duqu to be loaded into the system. As we discovered, the driver and the other components of the malware are installed by a dropper that exploits a 0-day vulnerability (CVE-2011-3402). The driver is registered under the HKLM\System\CurrentControlSet\Services\ registry path. The exact name of the registry key varies in distinct versions ...
