add Autochk Rootkit as tool

2020-01-15 13:41:53 +01:00 · 2020-01-15 13:41:53 +01:00 · 32961527aa
parent bfcc867ee6
commit 32961527aa
1 changed files with 11 additions and 1 deletions
--- a/clusters/tool.json
+++ b/clusters/tool.json
@ -7935,7 +7935,17 @@
      },
      "uuid": "ff692a4c-23ff-4e86-a03b-2de8d36bc98f",
      "value": "Dustman"
+    },
+    {
+      "description": "This rootkit is a very simple. The name of the driver is “autochk.sys” - that’s why we’ll call it the autochk rootkit. The rootkit implements 2 functionalities: File Redirection and Network Connection Hiding.",
+      "meta": {
+        "refs": [
+          "https://repnz.github.io/posts/autochk-rootkit-analysis/"
+        ]
+      },
+      "uuid": "4a60dc72-1ca0-4503-a635-96e119c5278d",
+      "value": "Autochk Rootkit"
    }
  ],
-  "version": 130
+  "version": 131
 }