02.04.2017 Views

Daniel Plohmann daniel.plohmann@fkie.fraunhofer.de @push_pnx @malpedia

e4kWdgu



The Malware Knowledge Archipelago

How I feel about the malware research community

• Malware "knowledge" is heavily based on personal experience but also fragmented in the community
• Information frequency is potentially too high to comfortably keep up
• The outlined identification journey might have been shortened by e.g.
  • Being familiar with its various names: Trickster == TrickLoader == TrickBot
  • Knowing u"BotLoader" is a stable and also unique string for this malware family
  • Knowing u"Xmaker" replaced u"BotLoader" as user agent in the most recent version
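The three shortcuts above, written down as a small lookup and scanner. This is an added example, not code from the slides or from Malpedia: the family names and the two strings are taken from the slide, while the function names, the tab-separated log format and the sample data are constructed, and substring matching on the user agent is an assumption.

```python
# Added example. Family names and the two strings come from the slide;
# the log format, sample data and function names are constructed.
ALIASES = {"trickster": "TrickBot", "trickloader": "TrickBot", "trickbot": "TrickBot"}
# Listed newest first, as the slide describes the user agent changing.
FAMILY_STRINGS = {"TrickBot": ("Xmaker", "BotLoader")}


def canonical_family(name):
    """Map any known alias to one canonical family name (unknown names pass through)."""
    return ALIASES.get(name.strip().lower(), name.strip())


def scan_buffer(data):
    """Find the strings as wide (UTF-16LE, the slide's u"..." form) or ASCII bytes."""
    hits = []
    for family, strings in FAMILY_STRINGS.items():
        for s in strings:
            for enc in ("utf-16-le", "ascii"):
                needle, pos = s.encode(enc), -1
                while (pos := data.find(needle, pos + 1)) != -1:
                    hits.append((pos, family, s, enc))
    return sorted(hits)


def flag_proxy_lines(lines):
    """Return (client, family, string) for lines whose user agent contains a known string.
    Assumed format: timestamp<TAB>client<TAB>host<TAB>user_agent."""
    flagged = []
    for line in lines:
        fields = line.rstrip("\n").split("\t")
        if len(fields) != 4:
            continue  # skip malformed lines rather than guessing field positions
        for family, strings in FAMILY_STRINGS.items():
            for s in strings:
                if s in fields[3]:
                    flagged.append((fields[1], family, s))
    return flagged


# Constructed sample inputs (not real samples or traffic).
SAMPLE_BUFFER = b"\x00" * 16 + "BotLoader".encode("utf-16-le") + b"\x90\x90" + b"Xmaker"
SAMPLE_LOG = [
    "2017-04-02T10:00:00Z\t192.0.2.10\texample.com\tMozilla/5.0 (Windows NT 6.1)",
    "2017-04-02T10:00:05Z\t192.0.2.11\texample.net\tBotLoader",
    "2017-04-02T10:00:09Z\t192.0.2.12\texample.org\tXmaker",
]

if __name__ == "__main__":
    print(canonical_family("TrickLoader"), scan_buffer(SAMPLE_BUFFER), flag_proxy_lines(SAMPLE_LOG))
```

Keeping both strings in the table means an older sample and a newer one resolve to the same family name, which is the point the slide makes about the user agent change.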

[1] https://grethascholtz.wordpress.com/2011/12/19/life-in-the-finnish-archipelago/

© Cyber Analysis and Defense Department, Fraunhofer FKIE
