Tag: Certificate

DirtyMoe-3

DirtyMoe: Code Signing Certificate

September 17, 2021by Martin Chlumecký

The Windows kernel allows loading drivers signed with revoked certificates. The DirtyMoe driver is also signed with revoked certificates that are moreover widely abused in other malware. Motivated by these facts, this article analyzes the mechanism of how Windows manages certificate revocation...

Menu

Categories

Tags

analysis Android APT backdoor botnet brazil cryptocurrency cryptomining csrf ddos decryptor decryptors desktop DirtyMoe dns hijack dropper exploit fake-app ghostdns Google Play Store HW iot malware mobile obfuscation P-Code phishing ransomware rat report Research reversing risk rootkit router security series spyware stealer takedown threat-intel threats VB vulnerability worm

Recent Posts

Archive

Meta