Tag Archives: clickbot

Win32/64:Blackbeard & Pigeon: Stealthiness techniques in 64-bit Windows, Part 2

      No Comments on Win32/64:Blackbeard & Pigeon: Stealthiness techniques in 64-bit Windows, Part 2

Last week we promised to explain in detail how the “Blackbeard” Trojan infiltrates and hide itself in a victim’s system, especially on its 64-bit variant. Everything described in this blogpost happens just before Pigeon (clickbot payload) gets downloaded and executed. The most interesting aspects are the way it bypasses the Windows’ User Access Control (UAC) […]

Win32/64:Blackbeard & Pigeon: Stealthiness techniques in 64-bit Windows, Part 1

      No Comments on Win32/64:Blackbeard & Pigeon: Stealthiness techniques in 64-bit Windows, Part 1

At the turn of the year we started to observe a Trojan, not much discussed previously (with a brand new final payload). It has many interesting aspects: It possesses a complex structure containing both 32-bit and 64-bit code; it achieves its persistence with highly invasive methods; and it is robust enough to contain various payloads/functionalites. […]