Fortunately, a signature has been added to Prune Scene that removes the remnants of this malicious code. We managed to find out that this virus is a part of PhysXPluginMfx, which was rarely found on the Internet and therefore neither Autodesk Security Tools nor Prune Scene could detect it earlier. Many thanks to the specialists from ESET, especially Mathieu Tartare, for decompiling obfuscated. At the moment, works on disassemble, to establish the exact threat! NET 4.5 assembler (executing code from obfuscated *.dll file)Ī *.dll file with a virus on the VirusTotal website is recognized as Kryptik.XLW and carries a threat. Executes unknown code from base64 encoded string of.
0 kommentar(er)
