|
|
|
|
|
|
by bastawhiz
1559 days ago
|
|
|
The analysis here is actually really frustrating. The initial code snippet is only partially analyzed. It makes a HTTP request to a third party geoip service to detect location, then recursively overwrites files if the location is Russia or Belarus. I can't understand why the article doesn't talk about this, but the code is there (albeit obfuscated). |
|
|