I recently read a research paper from Trend Micro on the KOOBFACE worm, and I wanted to share the interesting way they redirect popular web browsers' traffic through the local proxy they install. The Trend Micro article can be found here: How KOOBFACE Makes Money
Internet Explorer
What you need to modify is this registry entry:
[HKCU/HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"MigrateProxy"=dword:00000001
"ProxyEnable"=dword:00000001
"ProxyHttp1.1"=dword:00000000
"ProxyServer"="http://ProxyServername:ProxyPort"
"ProxyOverride"="<local>"
Reference: [...]
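From the defender's side, the same values are what you check when triaging a host. The following is an added example, not code from the original post or from the Trend Micro paper: it parses the decoded text of a .reg export of the Internet Settings key and reports when the proxy is enabled and points back at the local machine. The sample export, the function names and the 127.0.0.1:8080 address are constructed for illustration.

```python
import ipaddress
import re
from urllib.parse import urlsplit

# Constructed sample: decoded text of a .reg export of the Internet Settings key.
SAMPLE_REG = r'''[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"MigrateProxy"=dword:00000001
"ProxyEnable"=dword:00000001
"ProxyHttp1.1"=dword:00000000
"ProxyServer"="http://127.0.0.1:8080"
"ProxyOverride"="<local>"
'''

VALUE_RE = re.compile(r'^"([^"]+)"=(?:dword:([0-9a-fA-F]{8})|"(.*)")$')

def parse_values(reg_text):
    """Return {name: int or str} for the dword and string values in the export."""
    values = {}
    for line in reg_text.splitlines():
        m = VALUE_RE.match(line.strip())
        if m:
            name, dword, string = m.groups()
            values[name] = int(dword, 16) if dword is not None else string
    return values

def proxy_hosts(proxy_server):
    """Hosts from 'host:port', 'http://host:port' or 'http=h:p;https=h:p'."""
    hosts = []
    for part in filter(None, (p.split("=", 1)[-1].strip() for p in proxy_server.split(";"))):
        target = part if "://" in part else "//" + part
        hosts.append((urlsplit(target).hostname or "").lower())
    return hosts

def is_loopback(host):
    try:
        return host == "localhost" or ipaddress.ip_address(host).is_loopback
    except ValueError:  # a non-local hostname, not an IP literal
        return False

def audit(reg_text):
    """Return findings when the proxy is enabled and points at the local machine."""
    v = parse_values(reg_text)
    if v.get("ProxyEnable") != 1 or not isinstance(v.get("ProxyServer"), str):
        return []
    return [f"ProxyServer routes through loopback host {h}"
            for h in proxy_hosts(v["ProxyServer"]) if is_loopback(h)]
```

A finding still needs triage, because local debugging proxies set the same values; the next step is to identify which process is listening on the reported port.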
Today I came across some pretty interesting information on a registry key that you can use to specify initialization settings for given executable names. In other words, it is possible to set up one application to run another one; for example, some kind of debugging application may be launched before the [...]