Mebroot / Torpig / Sinowal malware - Perpetual Horizon

A place to discuss malware of every flavor, e.g. Storm, Waledac, Conficker and Zeus

Post by meep » Sat Jul 24, 2010 8:17 am

I don't know who this researcher is offhand and before recently I do not recall this Perpetual Horizon blog, but this recent blog entry has some amazing detail about Mebroot malware. Some of the decoding stuff is over my head, but I find the memory analysis results this researcher posted very interesting.

A Trip Down Memory Lane with Mebroot/Torpig
Perpetual Horizon Security Research

These notes describe a basic analysis of a Mebroot/Torpig infection through memory dump and observation. This particular Mebroot/Torpig infection took place in Feb of 2010, and the box also contained some type of adware that may pollute the results a bit. ...