setup

Backoff – Technical Analysis – SpiderLabs Anterior

Installation

When the malware is originally run, it will attempt to remove a previous version of itself (version 1.55 “backoff”). All associated files and processes are terminated. It will then attempt to open a pre-defined mutex to ensure it is not already running. The executable then proceeds to copy itself to the following location if it is discovered that it is […]