Malware analysis: Nailuj sys file
Kayaker
03-14-2007, 01:07 AM
This is a nice analysis of the driver of the Nailuj Spyware Trojan and some of the rootkit techniques it employs.
Our thanks to ZaiRoN for showing us how to expose the underbelly of this snake.
Regards,
Kayaker
deroko
03-14-2007, 06:23 AM
Nicely written, well commented.

Trojan author was really stupid, leaving debug messages in final release.

Gosh, this tutorial has a "familiar" sound to it. Could it be, ah yes, it's the one I contributed a small bit of "English" to go along with the fine analysis ZaiRon already had put in. Now if my Italian was only a little bit as good as Zai's English already is, I could probably get better service in Italian restaurants.... Or maybe not.
Regards,
ZaiRoN
03-14-2007, 07:14 AM
Yes! If the document is really readable you have to thank JMI

deroko
03-14-2007, 07:48 AM
Isn't this malware supposed to work only on XP and W2K3, due to the code it uses to get PsLoadedModuleList?
Cool paper, ZaiRoN.

Nice introduction to Rootkit reversing.
Opcode
03-18-2007, 11:56 PM
Very nice analysis, ZaiRon!
Regards,
Opcode