tag:blogger.com,1999:blog-446873836886549311.post1032879617630208803..comments2023-08-19T07:31:46.977-07:00Comments on Malware Intelligence Blog: Aurora .sys file used in the attack - External file analysisUnknownnoreply@blogger.comBlogger1125tag:blogger.com,1999:blog-446873836886549311.post-80351608583848534352010-03-26T03:22:55.623-07:002010-03-26T03:22:55.623-07:00Interesting. But did you get any clue about the a...Interesting. But did you get any clue about the automaton on which the code is to be executed? This need not be an iapx 386 ISA ;-><br /><br />The reference to libraries might indicate, that this is indeed a return-to-lib attack. The libraries themselves would build up a powerful environment.<br /><br />best, Hans AdamsAnonymousnoreply@blogger.com