mirror of https://github.com/dirtbags/moth.git
15 lines
598 B
Plaintext
15 lines
598 B
Plaintext
|
This category contains live samples of real malware. If you participate
|
||
|
in this category, you agree to take all proper precautions: running in
|
||
|
a virtual machine, properly cleaning your system afterwards, and not
|
||
|
exposing any networks to these samples.
|
||
|
|
||
|
YOU HAVE BEEN WARNED!
|
||
|
|
||
|
A user complains that they are getting complaints of mass amounts of
|
||
|
penny stock scam emails coming from their computer. You happen to
|
||
|
extract this file from your network captures.
|
||
|
|
||
|
You'll need the previously dropped file for this exercise.
|
||
|
|
||
|
What is the tag identifier for the ExAllocatePoolWithTag?
|
||
|
(enter the ascii text)
|