Author Topic: BotnetWeb: A Collection of Heterogeneous Botnets  (Read 3476 times)

April 07, 2009, 11:00:10 pm

SysAdMini

  • Administrator
  • Hero Member

Ruining the bad guy's day

April 28, 2009, 04:23:34 am
Reply #1

SysAdMini

Ruining the bad guy's day

April 28, 2009, 11:02:26 am
Reply #2

Serg

  • Special Members
  • Sr. Member

Guys still have problems with generic detection names...

April 28, 2009, 03:00:35 pm
Reply #3

CM_MWR

  • Special Members
  • Hero Member

So what's the issue, do they still not have a name for the botnet or don't know from where it gets dropped?

I'm so easily confused!  ???

April 28, 2009, 09:03:50 pm
Reply #4

Serg

Generic detection... it is a detection not for only one malware which was developed by some guy or developer team. It is a detection of some common feature in a lot of malware.
Ex.
NSAnti - it is a detection of a Chinese obfuscator. Nobody knows which malware has been obfuscated with it. Magania? QQHelper? Hupigon? Lmir?
Trojan.AutoIt - generic detection of any malware written with the AutoIt script engine.

There is a lot of generic malware in these publications. That's why there are some incredible connections (downloads) between NSAnti (Chinese) and xpantivirus (Ukraine), Exchanger and Rustock, AutoIt and TDSS => some information in these charts is really useless because of common names in multi-AV and generic names. That's all. Sorry for my Brazilian English...