https://www.botnets.fr/index.php?title=Analysis_of_TDL4&feed=atom&action=history
Analysis of TDL4 - Revision history
2024-03-29T00:31:44Z
Revision history for this page on the wiki
MediaWiki 1.36.1
https://www.botnets.fr/index.php?title=Analysis_of_TDL4&diff=5770&oldid=prev
Eric.freyssinet: Text replacement - " baesystemsdetica.blogspot.fr" to ""
2015-08-05T19:52:37Z
<p>Text replacement - " baesystemsdetica.blogspot.fr" to ""</p>
<table style="background-color: #fff; color: #202122;" data-mw="interface">
<col class="diff-marker" />
<col class="diff-content" />
<col class="diff-marker" />
<col class="diff-content" />
<tr class="diff-title" lang="en">
<td colspan="2" style="background-color: #fff; color: #202122; text-align: center;">← Older revision</td>
<td colspan="2" style="background-color: #fff; color: #202122; text-align: center;">Revision as of 19:52, 5 August 2015</td>
</tr><tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l1">Line 1:</td>
<td colspan="2" class="diff-lineno">Line 1:</td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>{{Publication</div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>{{Publication</div></td></tr>
<tr><td class="diff-marker" data-marker="−"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>|Link=http://baesystemsdetica.blogspot.fr/2012/10/analysis-of-tdl4_8570.html <del style="font-weight: bold; text-decoration: none;">baesystemsdetica.blogspot.fr</del></div></td><td class="diff-marker" data-marker="+"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>|Link=http://baesystemsdetica.blogspot.fr/2012/10/analysis-of-tdl4_8570.html</div></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>|Author=Sergei Shevchenko</div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>|Author=Sergei Shevchenko</div></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>|NomRevue=StratBLOG</div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>|NomRevue=StratBLOG</div></td></tr>
</table>
Eric.freyssinet
https://www.botnets.fr/index.php?title=Analysis_of_TDL4&diff=2592&oldid=prev
Eric.freyssinet: 1 revision imported
2015-02-07T14:28:28Z
<p>1 revision imported</p>
<table style="background-color: #fff; color: #202122;" data-mw="interface">
<tr class="diff-title" lang="en">
<td colspan="1" style="background-color: #fff; color: #202122; text-align: center;">← Older revision</td>
<td colspan="1" style="background-color: #fff; color: #202122; text-align: center;">Revision as of 14:28, 7 February 2015</td>
</tr><tr><td colspan="2" class="diff-notice" lang="en"><div class="mw-diff-empty">(No difference)</div>
</td></tr></table>
Eric.freyssinet
https://www.botnets.fr/index.php?title=Analysis_of_TDL4&diff=2591&oldid=prev
Eric.freyssinet at 10:04, 25 November 2012
2012-11-25T10:04:09Z
<p><b>New page</b></p><div>{{Publication<br />
|Link=http://baesystemsdetica.blogspot.fr/2012/10/analysis-of-tdl4_8570.html baesystemsdetica.blogspot.fr<br />
|Author=Sergei Shevchenko<br />
|NomRevue=StratBLOG<br />
|Date=2012-10-20<br />
|Editor=BAE Systems<br />
|Year=2012<br />
|Botnet=TDL-4<br />
|Abstract=Our lab has recently got its hands on a new sample of TDL4, also known as TDSS.<br />
<br />
The sample is likely distributed as a dropper file named outlkupd.exe; its file size is 1,224Kb. Some of the components that it drops were compiled in July 2012, and some were compiled in September 2012 - so it's a relatively 'fresh' one.<br />
<br />
The dropper is packed with an interesting packer that disguises the protected executable underneath as normal code, with a normal flow and innocent API calls.<br />
}}</div>
Eric.freyssinet