SEARCH RESULTS
 
Showing 1-2 of 2 records
1
 
Expand article

New Years Storm deja vu

2007-12-25 10:36:00 by Russ McRee in HolisticInfoSec.org
 
...disnisa.exe, writes the same registry keys and config file, and follows the same network attributes as mentioned in previous post , but better AV coverage now that this variant's been around for a few days AntiVir - Worm/Zhelatin.ob Authentium - W32/StormWorm.P BitDefender - Trojan.Peed.IRE CAT-QuickHeal - (Suspicious) - DNAScan DrWeb -...
 
Tags: trojan, spirits import company, disnisa, suspicious, christmas strip, worm-all variants, worm, exe, suspicious file
 
 
 
 
Expand article

Storm-Bot stripshow analysis

2007-12-23 22:06:00 by Russ McRee in HolisticInfoSec.org
 
...disnisa.exe to C:WINDOWS and adds a startup registry key for the same Current AV detection includes Kaspersky stripshow.exe - Email-Worm.Win32.Zhelatin.pd eTrust-Vet - Win32/Sintun.AT Microsoft - Trojan:Win32/Tibs.gen!ldr Symantec - Trojan.Peacomm.D After a quick time check to Microsoft's time server, this variant switches immediately to...
 
Tags: 40d9f1 connect, w32tm config syncfromflags, config, time, quick time check, w32tm config, exe, src78, dst192
 
 
 
 
 
Showing 1-2 of 2 records
1
 
TOP SEARCH
Expand / MinimizeClose Widget
  •  
RECENT SEARCH
Expand / Minimize
  •  
RELATED VIDEO
Expand / Minimize
SecurityRatty FAQ
Sergey Zarubin, 31yo
CISSP, CCSP
Moscow, Russia