process doppleganging – Computer Security Articles

Process Doppelgänging meets Process Hollowing in Osiris dropper

August 13, 2018 admin dropper, kronos, malware, osiris, Osiris dropper, process doppleganging, Threat analysis, Trojan

Credit to Author: hasherezade| Date: Mon, 13 Aug 2018 18:29:57 +0000

Process doppleganging, a rare technique of impersonating a process, was discovered last year, but hasn’t been seen much in the wild since. It was an interesting surprise, then, to discover its use mixed in with Process Hollowing, yet another technique, in a dropper for the Osiris banking Trojan.

Categories:

Tags: dropper kronos osiris Osiris dropper process doppleganging trojan

MalwareBytes Security

Osiris dropper found using process doppelgänging

August 9, 2018 admin dropper, kronos, Malwarebytes news, osiris, Osiris dropper, process doppleganging, Trojan

Credit to Author: hasherezade| Date: Thu, 09 Aug 2018 18:52:57 +0000

Process doppleganging, a rare technique of impersonating a process, was discovered last year, but hasn’t been seen much in the wild since. It was an interesting surprise, then, to discover its use in a dropper of the Osiris banking Trojan. We unpack the code to show how malware authors used this process.

Categories: