Today lets have deeper Insight of Malware Analysics with Mindset of FORENSIC INVESTIGATOR !Alrite JUMP IN !!!
(SHA1: fbe71968d4c5399c2906b56d9feadf19a35beb97, detected as TrojanDropper:Win32/Vundo.L). This trojan hijacks the hosts “vk.com” and “vkontakte.ru” (both social networking sites in Russia)and redirects them to 92.38.209.252, but achieves this in an unusual way.
A common method used to hijack a website and redirect it to a site of the attacker’s choice is to add an entry in the Windows hosts file located in the %SystemRoot%\system32\drivers\etc directory.
However, when we open this file on an affected computer, it doesn’t...
