bypass CIS v6.2 partially limited, limited, and HIPS

  1. I ran the malware.

  1. It was sandboxed as partially limited.

  2. I checked the autorun entry.

Please view the attached image.

  1. The malware successfully injected data into explorer.exe.

  2. Environment:
    Win XP Pro SP3 32-bit

[attachment deleted by admin]