Conti ransomware looks for and executes DLLs in its current directory. Therefore, we can potentially hijack a DLL to execute our own code to control and terminate the malware pre-encryption. The exploit dll will check if the current directory is “C:WindowsSystem32”. If not, we grab our process ID and terminate. We do not need to […]
REvil ransomware looks for and executes DLLs in its current directory. Therefore, we can potentially hijack a DLL to execute our own code in order to control and terminate the malware pre-encryption. The exploit dll will check if the current directory is “C:WindowsSystem32” and if not we grab our process ID and terminate. We do […]
WannaCry ransomware looks for and executes DLLs in its current directory. Therefore, we can hijack a DLL to execute our own code in order to control and terminate the malware pre-encryption. The exploit DLL checks if the current directory is “C:WindowsSystem32” and if not we grab our process ID and terminate. We do not need […]
https://ict.amnat-ed.go.th/readmee.htm notified by AnonCoders
Tags: defacementhttps://e-office.amnat-ed.go.th/readmee.htm notified by AnonCoders
Tags: defacementhttps://e-news.amnat-ed.go.th/readmee.htm notified by AnonCoders
Tags: defacementhttps://e-network.amnat-ed.go.th/readmee.htm notified by AnonCoders
Tags: defacementhttps://salary.amnat-ed.go.th/readmee.htm notified by AnonCoders
Tags: defacementhttp://cmarea3.go.th/readmee.htm notified by AnonCoders
Tags: defacementhttp://loei3.go.th/readme.txt notified by AnonCoders
Tags: defacement