Sandboxie adds full 64-bit protection, improves compatibility

Sandboxie 4.02 is the latest edition of the powerful shareware sandbox, which allows you to run programs in an isolated environment...

Update for Windows 8 for x64-based Systems (KB2851998)

Install this update to resolve issues in Windows. For a complete listing of the issues that are included in this update, see the...

Latest Everything Desktop Search beta build introduces 64-bit version

The desktop search engine Everything has been around since 2008. It may come as a surprise that the most recent stable version of the...

June 2013 Security Release ISO Image

This DVD5 ISO image file contains the security updates for Windows released on Windows Update on June 11, 2013. The image does not...

New boot firmware a step toward 64-bit Windows RT

A standards organization has created a boot environment for tablets and PCs that could potentially run a 64-bit version of Windows RT.

How to Install VMware vSphere vCenter Server 5.1.0b on Windows Server 2003 R2 X64 SP2

In this video we will install VMware vSphere vCenter Server 5.1.0b using the Simple Install method on Windows Server 2003 R2 X64 SP2

x64 Assembly and C++ Tutorial 61: AVX Negate 128bpp Image

Big thank you to all who've sent in Imogen plugins, they're excellent, keep 'em coming folks! This tutorial we'll look at some of the...

x64 Assembly and C++ Tutorial 60: C++ Negate 128bpp Image

In this tute we'll look at coding a C++ algorithm to negate a 128bpp image. This will be a benchmark to beat for the ASM versions we'll...

Kali Linux 64bit In VMware - Installation Walkthrough / How-to

The purpose of this video is to demonstrate a basic installation of Kali Linux from Offensive Security in a new Virtual Machine guest...

Installing the Java Plugin for 64bit Firefox on CentOS 6.4

Today, I had to install the Java plugin for 64bit Firefox on CentOS 6.4. The procedure wasn’t too bad, but it wasn’t exactly...

Linux x64 Assembly Tutorial 4: Passing Parameters and Coding

In this tute we'll get to coding some little ASM algorithms. First we have to look at how parameters will be passed from C++.

Linux x64 Assembly Tutorial 2: Bits, Bytes and Registers

Today we'll look at integer data types, bits, bytes, words and all that. We'll also look at the general purpose register set. I didn't...

XPAJ: Reversing a Windows x64 Bootkit

Thursday, 21 June 2012 07:08

The number of bootkits is steadily growing. All kinds of new bootkits are appearing: sophisticated and simple, serving different purposes (such as rootkits or ransomware Trojans). Malware writers are not above analyzing their competitors’ malicious code.


It is not easy to impress a malware expert with a new bootkit nowadays: boot-record infections have been studied in sufficient depth and plenty of information on the subject can be found online. However, this time we have come across an interesting specimen: the Xpaj file infector, complete with bootkit functionality and able to run both under Windows x86 and Windows x64. What makes it stand out is that it successfully runs on Windows x64 with PatchGuard enabled, using splicing in the kernel to protect the infected boot record from being read or modified.

In this paper, I analyze the rootkit’s operation under Windows 7 x64. It is not worth analyzing the rootkit’s operation under Windows x86, since the malware uses more or less the same algorithm in both operating system versions.
