Unknown Malware.

I don’t know how it avoids the Comodo HIPS.
Comodo AV didn’t catch the 121MB malware & it activated 3 new svchosts.
(The svchosts connect to an outside IP, but the Comodo firewall → unresponsiveness)

*The malware force-removes analysis tools (like ‘Process Monitor’).
*The zero-day won’t activate if the analysis tools are turned on.

Could you check this zero-day?

The infected normalized URL: ;D

Hi hcracker,

Please send the download link for the file you mentioned. It will be helpful to us.

Regards,
Ponmalar.S

I captured file modifications.

Attached files: FileModify.txt Regcahnge.txt

MicrosoftManagementConsole_800000270b1080015030.dll (malware) injects → explorer.exe

[attachment deleted by admin]
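The two symptoms reported above (extra svchost.exe instances that talk to an outside IP, and a DLL injected into explorer.exe) are the kind of thing a responder can triage from a process snapshot before any sample is shared. The following is an added illustration, not code from the poster or from Comodo: it checks every svchost.exe for a legitimate image path and parent (services.exe), and lists modules loaded into explorer.exe from outside the Windows directory. The snapshot, the `Proc` field names and the user-profile paths are constructed for the example; only the DLL name comes from the thread.

```python
"""Triage heuristics for rogue svchost.exe instances and foreign DLLs in explorer.exe.
Added example; the process snapshot below is constructed, not captured from the
reported machine. In practice the same records would come from a tool such as
Process Explorer or a memory image."""
from dataclasses import dataclass, field
from typing import List, Tuple

SYSTEM32 = "c:\\windows\\system32"
WINDIR = "c:\\windows"


@dataclass
class Proc:
    """Minimal process record (field names are an assumption of this example)."""
    pid: int
    name: str
    ppid: int
    path: str
    modules: List[str] = field(default_factory=list)


def _norm(p: str) -> str:
    """Case-fold and normalise separators so path prefix checks are reliable."""
    return p.replace("/", "\\").lower()


def suspicious_svchost(procs: List[Proc]) -> List[Tuple[int, List[str]]]:
    """Flag svchost.exe processes whose image is outside System32 or whose
    parent is not services.exe (a genuine svchost is always started by it)."""
    by_pid = {p.pid: p for p in procs}
    findings = []
    for p in procs:
        if p.name.lower() != "svchost.exe":
            continue
        reasons = []
        if not _norm(p.path).startswith(SYSTEM32 + "\\"):
            reasons.append("image outside System32")
        parent = by_pid.get(p.ppid)
        if parent is None or parent.name.lower() != "services.exe":
            reasons.append("parent is not services.exe")
        if reasons:
            findings.append((p.pid, reasons))
    return findings


def foreign_modules(procs: List[Proc], target: str = "explorer.exe") -> List[Tuple[int, str]]:
    """List modules loaded into `target` from outside the Windows directory,
    which is where an injected DLL dropped in a user profile shows up."""
    out = []
    for p in procs:
        if p.name.lower() != target:
            continue
        for m in p.modules:
            if not _norm(m).startswith(WINDIR + "\\"):
                out.append((p.pid, m))
    return out


# Constructed snapshot: one legitimate svchost, two rogue ones spawned by
# explorer.exe, and the DLL named in the thread loaded from a temp directory.
SNAPSHOT = [
    Proc(4, "System", 0, ""),
    Proc(600, "services.exe", 500, r"C:\Windows\System32\services.exe"),
    Proc(800, "svchost.exe", 600, r"C:\Windows\System32\svchost.exe"),
    Proc(1500, "explorer.exe", 1400, r"C:\Windows\explorer.exe",
         modules=[r"C:\Windows\System32\ntdll.dll",
                  r"C:\Users\victim\AppData\Local\Temp\MicrosoftManagementConsole_800000270b1080015030.dll"]),
    Proc(2100, "svchost.exe", 1500, r"C:\Users\victim\AppData\Roaming\svchost.exe"),
    Proc(2200, "svchost.exe", 1500, r"C:\Windows\System32\svchost.exe"),
]

if __name__ == "__main__":
    for pid, reasons in suspicious_svchost(SNAPSHOT):
        print(f"svchost pid {pid}: {', '.join(reasons)}")
    for pid, mod in foreign_modules(SNAPSHOT):
        print(f"explorer pid {pid} loaded foreign module {mod}")
```

The parent check matters as much as the path check: a copy of the genuine svchost.exe started from explorer.exe (pid 2200 above) passes a hash or signature check but is still not a service host, and that is the case that a file-based AV scan misses.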

Hi hcracker,

Please send the download link for the file you mentioned. It will be helpful to us.

Kind Regards,
Erik M.

Please use PMs to send links; do not post malware links on the forum.

Thank you

Dennis

Erik M.’s post moved here