4/27/2023 0 Comments Anti executable serialEven though the former is not an original Windows DLL, both of them were part of the archive, with the archive typically containing one further resource DLL. We were seeing DLLs with the name msimg32.dll being loaded by an executable named setup.exe. Once the loader is activated, the payload can trigger a chain of events that eventually result in the installation of adware, bots, pay-per-install campaigns, and even other Trojan Downloaders. The loader caught our attention because of the anti-analysis methods it implemented throughout its infection cycle. During the last year, Avira researchers have been monitoring and investigating a loader family. As the different types do so, they find new ways to bypass security solutions and try to slip under the radar of security companies to become more persistent and hide their identity.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |