payload | DataProtectionCenter.com

MSRT August ’12 – What’s the buzz with Bafruz?

14

Aug

2012

For this month’s Microsoft Malicious Software Removal Tool (MSRT) release, we will include two families: Win32/Matsnu and Win32/Bafruz. Our focus for this blog will be Bafruz, which is a multi-component backdoor that creates a Peer-to-Peer (P2P) network of infected computers (using C&C, for instance), and includes a nasty list of payloads, as well as unique means […]

Category General Written by Microsoft Malware Protection Center 0 Comments

Rovnix.D: the code injection story

27

Jul

2012

ESET – In the one of my previous blog posts I described the bootkit functionality included in modifications found in new Rovnix.D samples (Rovnix bootkit framework updated), but further detailed analysis uncovered some interesting updates to the code injection technique employed. During the Rovnix.D code analysis process we found algorithms for multiple code injections with […]

Category General Written by ESET ThreatBlog 0 Comments

Malware on online-gaminatore.ru

27

Jul

2012

Another malicious spam run, although I don’t have a sample of the actual spam this time.. however, the payload is at [donotclick]online-gaminatore.ru:8080/forum/showthread.php?page=5fa58bce769e5c2c (report here), hosted on the following IPs: 89.111.177.151 203.80.16.81 78.83.233.242 These IPs have been used several times recently and should be blocked.

Category Security Written by Dynamoo's Blog 0 Comments

The Latest in IT Security

Posts Tagged ‘payload’

MSRT August ’12 – What’s the buzz with Bafruz?

Rovnix.D: the code injection story

Malware on online-gaminatore.ru

Categories

Featured

Archives

Latest Comments

About Us

Contact Us