Microsoft Malware Protection Center

Threat Research & Response Blog

Browse by Tags

  • Blog Post: MSRT April 2012: Win32/Claretore

    We included three threat families in the April edition of the Microsoft Malicious Software Removal Tool - Win32/Claretore, Win32/Bocinex and Win32/Gamarue. In this post, we discuss Win32/Claretore. The earliest reported variant in this family can be traced back to November 2011. Claretore is a trojan...
  • Blog Post: Some shellcode de-mystified

    The shellcode described in this post was obtained from the Eleonore v1.2 exploit kit. High-level details about that kit are mentioned in my April 2012 blog post. This post is a technical view of the actual shellcode and is intended to be instructive to the inquisitive reader. Since this code is relatively...