Sample

Metadata

SHA256
db5d284b9a9c02f76030ba89fd85c7c8f830f8fe4195cdc1f9cddf15f127125d
Difficulty
medium
Platform
Windows
Tags
kernel driver poisonx rootkit kernel mode
Likes
0
Views
940
Submitter
struppigel

Analysis

Goal

Deobfuscate the strings and markup the code of this rootkit. What exactly can it hide?

Description

It helps to figure out which other driver this rootkit targets and then search for similar code on GitHub, e.g., with grep.app, or by looking for functionally similar projects.

Recommended Tools

ghidra ida

Solutions

No solutions available yet.
