conclusions | DataProtectionCenter.com

Win32/Duqu analysis: the RPC edition

29

Oct

2011

My Russian colleagues Aleksandr Matrosov and Eugene Rodionov have found some time to do some more analysis on Win32/Duqu. (Don’t you guys sleep?) In the previous post (http://blog.eset.com/2011/10/25/win32duqu-it%e2%80%99s-a-date) they concentrated on analyzing the Duqu configuration file format and extracting the exact date on which the system was infected. This time they investigated Duqu’s RPC (Remote […]

Category General Written by ESET ThreatBlog 0 Comments

The Mystery of Duqu: Part Two

26

Oct

2011

Our investigation and research of Duqu malware continues. In our previous report, we made two points: – there are more drivers than it was previously thought; – it is possible that there are additional modules. Besides those key points, we concluded that unlike the massive Stuxnet infections, Duqu attacks and is contained within an extremely […]

Category General Written by Securelist / Blog 0 Comments

Duqu, son of Stuxnet raises questions of origin and intent

19

Oct

2011

Early today Symantec published an inside look at a new targeted malware attack called Duqu. This might not be important news if it weren’t for its ties to Stuxnet. Early analysis of Duqu shows it has evolved from the Stuxnet codebase. We shouldn’t jump to conclusions that it was developed by the same authors, but […]

Category General Written by Naked Security - Sophos 0 Comments

The Latest in IT Security

Posts Tagged ‘conclusions’

Win32/Duqu analysis: the RPC edition

The Mystery of Duqu: Part Two

Duqu, son of Stuxnet raises questions of origin and intent

Categories

Featured

Archives

Latest Comments

About Us

Contact Us