Dissecting interesting malware sample parts
Our last free update from the book!
As mentioned previously, this malware consists of two components: a PE file (Spark.exe) and a Windows driver file (rk.sys).
When more than one malicious file is found on a computer, it’s quite common that one of them generates the other(s). As Spark.exe can be executed by double-clicking on it, while rk.sys must be loaded by another component such as Win…
Keep reading with a 7-day free trial
Subscribe to Packt SecPro to keep reading this post and get 7 days of free access to the full post archives.