Mentions
06/14/2016 |
03:20 - moondoggie-bithax mentioned ...me won't appear in the process list at all. The injector itself is named "app.exe", but the actual dll won't appear.
Thanks Ebol4 for the XC Log Decryptor information and psch0 for his work on it. I'm going to reverse it tonight and see what the logs say.
The good news is: it seems likely they're just doing on-disk signature scanning, which is why ... |