Alina: following the shadow part 2
Alina: following the shadow part 2 | |
---|---|
Botnet | Alina |
Malware | |
Botnet/malware group | |
Exploit kits | |
Services | |
Feature | |
Distribution vector | |
Target | |
Origin | |
Campaign | |
Operation/Working group | |
Vulnerability | |
CCProtocol | |
Date | 2013 / 2013-06-03 |
Editor/Conference | Trustwave |
Link | https://www.trustwave.com/Resources/SpiderLabs-Blog/Alina--Following-The-Shadow-Part-2/ (Archive copy) |
Author | Josh Grunzweig |
Type | Blogpost |
Abstract
“For this final part, I'm going to focus on how this malware is installed, what protections the author has placed on the malware to prevent Anti-Virus detection and/or reverse engineering of it, and how Alina aggregates track data. I may also throw in some other random tidbits of information that I've encountered depending on how long this blog post goes. My last one in particular was quite lengthy, so I'm going to do my best to avoid that this time around. We're going to be looking at the same versions as before. I've included the timeline graph below as a reference for readers.”
Bibtex
@misc{2013BFR1613, editor = {Trustwave}, author = {Josh Grunzweig}, title = {Alina: following the shadow part 2}, date = {03}, month = Jun, year = {2013}, howpublished = {\url{https://www.trustwave.com/Resources/SpiderLabs-Blog/Alina--Following-The-Shadow-Part-2/}}, }