Analysis: Malware Win32/Rimecud.B
Jump to navigation
Jump to search
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.
(Publication) Google search: [1]
| Analysis: Malware Win32/Rimecud.B | |
|---|---|
| Botnet | Rimecud |
| Malware | Rimecud.b |
| Botnet/malware group | |
| Exploit kits | |
| Services | |
| Feature | |
| Distribution vector | |
| Target | |
| Origin | |
| Campaign | |
| Operation/Working group | |
| Vulnerability | |
| CCProtocol | |
| Date | 2011 / 09/05/2011 |
| Editor/Conference | |
| Link | https://community.qualys.com/blogs/securitylabs/2011/05/09/analysis-malware-win32rimecudb (Archive copy) |
| Author | Bharat Jogi, Qualys Security Labs |
| Type | Blogpost |
Abstract
“ Infections of Win32/Rimecud.B were first spotted in the wild in the second half of 2010, but customers are still calling us due to difficulties in removing it even in the presence of anti-virus software. So we decided to analyze it and on the way also describe some interesting anti-debugging techniques that are used by it. We also analyze the malware's behavior once a system is infected...
Bibtex
@misc{Lua error: Cannot create process: proc_open(/dev/null): failed to open stream: Operation not permitted2011BFR1349,
editor = {},
author = {Bharat Jogi, Qualys Security Labs},
title = {Analysis: Malware Win32/Rimecud.B},
date = {05},
month = Sep,
year = {2011},
howpublished = {\url{https://community.qualys.com/blogs/securitylabs/2011/05/09/analysis-malware-win32rimecudb}},
}