View Full Version : Malware analysis: Nailuj sys file


Kayaker
March 14th, 2007, 00:07
This is a nice analysis of the driver of the Nailuj Spyware Trojan and some of the rootkit techniques it employs.

Our thanks to ZaiRoN for showing us how to expose the underbelly of this snake.

Regards,
Kayaker

deroko
March 14th, 2007, 05:23
Nicely written, well commented.
Trojan author was really stupid, leaving debug messages in final release.

JMI
March 14th, 2007, 05:25
Gosh, this tutorial has a "familiar" sound to it. Could it be, ah yes, it's the one I contributed a small bit of "English" to go along with the fine analysis ZaiRon already had put in. Now if my Italian was only a little bit as good as Zai's English already is, I could probably get better service in Italian restaurants....Or maybe not.

Regards,

ZaiRoN
March 14th, 2007, 06:14
Yes! If the document is really readable you have to thank JMI

deroko
March 14th, 2007, 06:48
Isn't this malware supposed to work only on XP and w2k3, due to the code it uses to get PsLoadedModuleList?

Nico
March 15th, 2007, 20:53
Cool paper, ZaiRoN.
Nice introduction to Rootkit reversing.

Opcode
March 18th, 2007, 22:56
Very nice analysis, ZaiRon!

Regards,
Opcode