Campaigns #Malware #Italy Week 27

☠️💣🔥👻
#AgentTesla: Order
#Irata - #AzraelBot: Malware APK
#Formbook: Payment
#SnakeKeylogger: Material
#Remcos: Bank
#XWorm: Shipments
#VCRuntime: AgenziaEntrate
#Ousaban: Legal proceedings
#mwitaly

Nice, Linux-behavior on Windows - dynamically linking against the #UCRT, and statically linking against #VCRuntime.

This does work without relying on WindowsAppSdk or other "new" stuff really. Just reproduced in a plain C++-project. No more heap corruption when returning std::string.

https://github.com/microsoft/WindowsAppSDK/blob/main/docs/Coding-Guidelines/HybridCRT.md

#HybridCRT

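The hybrid linkage described in the post above, written as MSBuild settings for a plain C++ project. This is an added example, not part of the original post; it follows the approach documented in the linked HybridCRT.md, and the file name `Directory.Build.props` and the `Debug`/`Release` configuration names are assumptions.

```xml
<!-- Directory.Build.props (assumed file name), picked up by the .vcxproj files below it.
     Added example: Hybrid CRT = static VCRuntime and STL, dynamic Universal CRT. -->
<Project>
  <ItemDefinitionGroup Condition="'$(Configuration)'=='Debug'">
    <ClCompile>
      <!-- /MTd: VCRuntime and the STL are linked statically, so the binary has
           no dependency on VCRUNTIME140D.dll or MSVCP140D.dll. -->
      <RuntimeLibrary>MultiThreadedDebug</RuntimeLibrary>
    </ClCompile>
    <Link>
      <!-- Drop the static debug UCRT that /MTd would pull in by default. -->
      <IgnoreSpecificDefaultLibraries>%(IgnoreSpecificDefaultLibraries);libucrtd.lib</IgnoreSpecificDefaultLibraries>
      <!-- Link the import library for the UCRT DLL instead, so every module
           built this way uses the one UCRT instance loaded in the process. -->
      <AdditionalOptions>%(AdditionalOptions) /defaultlib:ucrtd.lib</AdditionalOptions>
    </Link>
  </ItemDefinitionGroup>
  <ItemDefinitionGroup Condition="'$(Configuration)'=='Release'">
    <ClCompile>
      <!-- /MT: same idea for release builds (no VCRUNTIME140.dll, no MSVCP140.dll). -->
      <RuntimeLibrary>MultiThreaded</RuntimeLibrary>
    </ClCompile>
    <Link>
      <!-- Release names of the same two libraries: static UCRT out, UCRT import library in. -->
      <IgnoreSpecificDefaultLibraries>%(IgnoreSpecificDefaultLibraries);libucrt.lib</IgnoreSpecificDefaultLibraries>
      <AdditionalOptions>%(AdditionalOptions) /defaultlib:ucrt.lib</AdditionalOptions>
    </Link>
  </ItemDefinitionGroup>
</Project>
```

To check the result, `dumpbin /dependents` on the built binary should list `api-ms-win-crt-*.dll` imports and no `VCRUNTIME140.dll` or `MSVCP140.dll`.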