Mavinject.exe: DLL injection using the legitimate MS utility https://blog.elhacker.net/2025/04/mavinjectexe-inyeccion-de-dll.html #inyección #microsoft #Windows #dll
if someone tells you you should replace a #dll in your backup software and #sandbox says #detect-debug-environment and #long-sleeps
and in total 19 #mitre infos
you might want to wait some time before replacing the dll
CAPE Sandbox
8bbb839529b85238297c6c7e24e70523
Zenbox
2d281791344004ba09fc4525d90c372a
vt
63fd326f9ad2cc1fa8fdb426c9dfd9c84004888025f7961fc28137e814801f15
How ToddyCat tried to hide behind AV software – Source: securelist.com https://ciso2ciso.com/how-toddycat-tried-to-hide-behind-av-software-source-securelist-com/ #Vulnerabilitiesandexploits #AntivirusVulnerabilities #rssfeedpostgeneratorecho #zerodayvulnerabilities #APT(Targetedattacks) #MalwareDescriptions #MalwareTechnologies #CyberSecurityNews #Defenseevasion #Windowsmalware #securelistcom #Encryption #Incidents #ToddyCat #Drivers #Malware #Trojan #BYOVD #APT #CVE #DLL
and so, next version, it will patch them. on a "helloworld.exe" compiled from assembly and not on a whole-ass plugin yet.
i've learned a lot about reversing windows #PE #DLL binaries (it had always been terra incognita to me) but figuring out how to relink all that back into an #ELF is gonna be a whole new mission.
like, when was the last time any of yall touched the `ar` command?!?
in continuation of https://mastodon.social/@unspeaker/114074497440285559 :
alright, and now for the stuff to gawk at.
first, here is it walking the dependency tree described by the PE import sections
(almost makes you feel like a #javascript bundler is a #linker by any other name...)
StaryDobry ruins New Year’s Eve, delivering miner instead of presents – Source: securelist.com https://ciso2ciso.com/starydobry-ruins-new-years-eve-delivering-miner-instead-of-presents-source-securelist-com/ #rssfeedpostgeneratorecho #MalwareDescriptions #MalwareTechnologies #CyberSecurityNews #Financialthreats #Windowsmalware #Gamingmalware #securelistcom #spoofing #Malware #Torrent #Trojan #Miner #XMrig #DLL
Cloud Atlas seen using a new tool in its attacks – Source: securelist.com https://ciso2ciso.com/cloud-atlas-seen-using-a-new-tool-in-its-attacks-source-securelist-com/ #rssfeedpostgeneratorecho #MalwareDescriptions #MalwareTechnologies #CyberSecurityNews #Windowsmalware #Cloudservices #securelistcom #CloudAtlas #PowerShell #datatheft #backdoor #Phishing #Telegram #Malware #DLL #HTA #VBS
Malware-laden version of Notepad++ https://blog.elhacker.net/2024/04/version-con-malware-de-notepad-plus-plus.html #hijacking #notepad++ #Malware #dll
Of course, @unileipzig is also at the #Buchmesse #Leipzig this week, in the #Unibund with @unijena and #UniHalle. Top topics include social cohesion, the "unbuilt Leipzig", BookTok & Bookstagram. The current #Tippgemeinschaft from the #Literaturinstitut #DLL is also presenting its book. Last but not least: #Leipzigliest at/with the university. Overview: https://www.uni-leipzig.de/universitaet/service/medien-und-kommunikation/veranstaltungsportal/buchmesse
Were there any #Linux computers infected by #qakbot ?
I did not read much about which #OperatingSystem was targeted, but what I read is all about #Windows and #DLL's.
#ZodiacGame #LSDEngine #retrogaming #gamedev #matchthree looking at past #gamedev projects and realizing that #decades have passed, still hits hard. Hits especially hard when you can't find videos of the game because it's broken on modern Windows... Anyhow remembering things is great but finding the source and working level editors is pure bliss, now to see if I can patch a #dll and get it to run on #Win64 :-) #short #video of the game editor in action no sound because #bugs... https://www.youtube.com/watch?v=tvWNVEeIM00
I have recently updated MarkdownSharpCore to support .NET 6.0. The previous version only supported .NET Standard 2.1 and .NET Core 2.2. You can learn more about this at https://jasong.us/3YmrHpn
#AssemblyLanguage #DLL #SharedLibraries #Z80
Today's dev rel blog article is on creating dynamic shared libraries for the Z80 CPU and a suitable file format for them.
https://andrewowen.net/blog/creating-Z80-dynamic-shared-libraries/
#Dragon Breath #APT Group Using Double-Clean-App Technique to Target #Gambling Industry
An advanced persistent threat (#APT) actor known as Dragon Breath has been observed adding new layers of complexity to its attacks by adopting a novel #DLL side-loading mechanism
Source
https://thehackernews.com/2023/05/dragon-breath-apt-group-using-double.html?m=1
Lobshot malware allows hidden remote access to Windows
#Krypto #Malware #AnyDesk #DLL #GoogleAds #hVNC #KryptoWallets #Lobshot #VNC https://tarnkappe.info/artikel/krypto/lobshot-malware-erlaubt-versteckten-fernzugriff-auf-windows-273916.html
In case you’re having trouble launching Helix Editor (https://helix-editor) on Windows, the workaround is to install the Microsoft C++ redistributable from https://learn.microsoft.com/en-us/cpp/windows/latest-supported-vc-redist?view=msvc-170
More info: https://github.com/helix-editor/helix/issues/5622
Newly Found #CatB #Ransomware Uses #DLL #Hijacking to Evade Detection
https://cyware.com/news/newly-found-catb-ransomware-uses-dll-hijacking-to-evade-detection-685dd2c8