Quick look at Nazar's backdoor - Network Communication
Intro In previous episode we described capabilities of Nazar’s EYService, an passive backdoor that utilize PSSDK to sniff on network traffic. In this post we’ll take a look at how this malware communicates with outside world. Binary Diffing Malware is statically linked with PSSDK which makes analysis not very pleasant, and the fact that this software is long dead and has no documentation doesn’t help either! However it was quite popular back in the day and its not that hard to find examples of usage, the most notable one being metasploit.