Binders and Malware (Part 3)

by Don Parker
Sept. 1, 2017, TechGenix (malware)

We will monitor the actual installation of the malware using two tools I covered earlier: Regmon and Filemon. With these two tools running in the background while we execute the malware, we will be able to see what it does and thereby verify that our bound malware works as expected. If you do not have these tools installed on your computer, install them now. Once they are installed, start them and exclude all the processes already running in the background, so that only the new processes that appear once we execute the malware are monitored.
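Regmon and Filemon give a live trace of registry and file activity; a complementary way to confirm what a sample changed on an isolated lab machine is a before/after snapshot of the process list, watched directories and the usual autostart registry keys. The script below is an added example written for this article, not the author's code and not a Sysinternals tool: the baseline path, the watched directories and the two Run keys are assumptions you should adjust for your own lab VM.

```powershell
# Added example (not from the article): baseline-and-diff monitoring of a lab VM
# around the execution of a sample. All paths below are assumptions.

$BaselinePath = 'C:\Lab\baseline.xml'                      # assumed location
$WatchDirs    = @("$env:SystemRoot\System32", $env:APPDATA, $env:TEMP)  # assumed
$RunKeys      = @(                                          # well-known autostart keys
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
)

function Get-LabSnapshot {
    # Capture processes (name + image path), files in watched dirs, and Run values.
    $procs = Get-Process | Select-Object ProcessName, Path
    $files = foreach ($d in $WatchDirs) {
        Get-ChildItem -Path $d -File -Recurse -ErrorAction SilentlyContinue |
            Select-Object FullName, Length, LastWriteTime
    }
    $reg = foreach ($k in $RunKeys) {
        if (Test-Path $k) {
            $props = Get-ItemProperty -Path $k
            foreach ($p in $props.PSObject.Properties) {
                # Skip the PS* provider metadata properties; keep real autostart values.
                if ($p.Name -notlike 'PS*') {
                    [pscustomobject]@{ Key = $k; Name = $p.Name; Value = "$($p.Value)" }
                }
            }
        }
    }
    [pscustomobject]@{
        Processes = @($procs); Files = @($files); Registry = @($reg); Taken = Get-Date
    }
}

function Get-NewEntries {
    # Return entries of $After whose chosen properties do not occur in $Before.
    # A hand-rolled diff is used because Compare-Object rejects empty input sets.
    param($Before, $After, [string[]]$Props)
    $seen = [System.Collections.Generic.HashSet[string]]::new()
    foreach ($b in @($Before)) {
        [void]$seen.Add((($Props | ForEach-Object { "$($b.$_)" }) -join '|'))
    }
    foreach ($a in @($After)) {
        $key = ($Props | ForEach-Object { "$($a.$_)" }) -join '|'
        if (-not $seen.Contains($key)) { $a }
    }
}

function Save-LabBaseline {
    # Run this on the clean VM, before the sample is executed.
    Get-LabSnapshot | Export-Clixml -Path $BaselinePath
}

function Compare-LabSnapshot {
    # Run this after the sample has been executed; reports only what is new.
    $before = Import-Clixml -Path $BaselinePath
    $after  = Get-LabSnapshot
    [pscustomobject]@{
        # Match on name + path rather than PID so a restarted service is not reported.
        NewProcesses  = Get-NewEntries $before.Processes $after.Processes @('ProcessName', 'Path')
        ChangedFiles  = Get-NewEntries $before.Files $after.Files @('FullName', 'Length', 'LastWriteTime')
        NewAutostarts = Get-NewEntries $before.Registry $after.Registry @('Key', 'Name', 'Value')
    }
}

# Usage on the lab VM:
#   . .\LabSnapshot.ps1; Save-LabBaseline      # before running the sample
#   ...execute the sample...
#   Compare-LabSnapshot | Format-List          # after it has run
```

The snapshot approach only shows the end state, so files the sample writes and deletes again, or registry values it touches and reverts, will not appear; that is exactly the gap Regmon and Filemon's live trace fills, which is why the two are best used together, on a VM you can revert to a clean state afterwards.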