moth/packages/skynet/501/index.mdwn


This category contains live samples of real malware. If you participate
in this category, you agree to take all proper precautions: running in
a virtual machine, properly cleaning your system afterwards, and not
exposing any networks to these samples.

YOU HAVE BEEN WARNED!

A user reports receiving complaints that mass amounts of penny stock
scam emails are coming from their computer. You happen to extract this
file from your network captures.

You'll need the previously dropped file for this exercise.

What is the tag identifier for the ExAllocatePoolWithTag call?
(Enter the ASCII text.)