Possible payload

  • Thread starter: Robert Green

Robert Green

On an NTFS partition I find that the initial 8 sectors of
the MFT and the entirety (8 sectors) of the MFT mirror have
been overwritten by a repeated pattern - FF7FFFF FFFFFFFF.

Seems intentional. Just wondering if anyone knows if that is
characteristic of the payload of any known malware.

Tks,

Bob
 
Robert Green said:
On an NTFS partition I find that the initial 8 sectors of
the MFT and the entirety (8 sectors) of the MFT mirror have
been overwritten by a repeated pattern - FF7FFFF FFFFFFFF.

Seems intentional. Just wondering if anyone knows if that is
characteristic of the payload of any known malware.

None that I've heard any talk about lately, but then you may
be the early warning system.
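
One way to confirm the damage described in the opening post on a forensic image, as an added example that is not part of the original thread: it reads the $MFT and $MFTMirr locations from the NTFS boot sector, counts surviving "FILE" record signatures in the first 8 sectors of each, and reports any short repeating fill. The function names, the sample image and the filler bytes are constructed for illustration, and it assumes 512-byte sectors, 1024-byte file records and a plain sectors-per-cluster value.

```python
import struct

SECTORS = 8                                       # span the post reports as overwritten
PLACEHOLDER = bytes.fromhex("a5a5a5a55a5a5a5a")   # constructed filler, not the post's value

def ntfs_layout(boot: bytes):
    """Return (bytes_per_sector, $MFT offset, $MFTMirr offset) from the boot sector."""
    if boot[3:11] != b"NTFS    ":
        raise ValueError("not an NTFS boot sector")
    bps, spc = struct.unpack_from("<HB", boot, 0x0B)       # sector size, sectors/cluster
    mft_lcn, mirr_lcn = struct.unpack_from("<QQ", boot, 0x30)
    return bps, mft_lcn * bps * spc, mirr_lcn * bps * spc

def repeating_unit(data: bytes, max_len: int = 16):
    """Shortest unit of at most max_len bytes that tiles data exactly, else None."""
    for n in range(1, max_len + 1):
        if len(data) % n == 0 and data == data[:n] * (len(data) // n):
            return data[:n]
    return None

def inspect_region(image: bytes, offset: int, bps: int):
    region = image[offset:offset + SECTORS * bps]
    # Assumes 1024-byte file records, each starting with the "FILE" signature.
    records = sum(region[i:i + 4] == b"FILE" for i in range(0, len(region), 1024))
    unit = repeating_unit(region)
    return {"file_records": records, "pattern": unit.hex() if unit else None}

def check(image: bytes):
    bps, mft, mirr = ntfs_layout(image[:512])
    return {"MFT": inspect_region(image, mft, bps),
            "MFTMirr": inspect_region(image, mirr, bps)}

def build_sample(damaged: bool) -> bytes:
    """Constructed 24 KiB image: boot sector, $MFTMirr at cluster 2, $MFT at cluster 4."""
    bps, spc = 512, 8
    image = bytearray(bps * spc * 6)
    image[3:11] = b"NTFS    "
    struct.pack_into("<HB", image, 0x0B, bps, spc)
    struct.pack_into("<QQ", image, 0x30, 4, 2)
    fill = PLACEHOLDER * 512 if damaged else (b"FILE" + bytes(1020)) * 4
    for lcn in (4, 2):
        image[lcn * bps * spc:lcn * bps * spc + len(fill)] = fill
    return bytes(image)

if __name__ == "__main__":
    for label, damaged in (("intact", False), ("overwritten", True)):
        print(label, check(build_sample(damaged)))
```

Zero surviving signatures together with the same fill pattern in both regions matches what the post reports; run it against a read-only image rather than the live volume.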
 
