Disttrack malware overwrites files, infects MBR

From Botnets.fr
Revision as of 15:27, 7 February 2015 by Eric.freyssinet (talk | contribs) (1 revision imported)
Jump to navigation Jump to search

(Publication) Google search: [1]

Disttrack malware overwrites files, infects MBR
Botnet DistTrack
Malware
Botnet/malware group
Exploit kits
Services
Feature
Distribution vector
Target
Origin
Campaign
Operation/Working group
Vulnerability
CCProtocol
Date 2012 / 17 août 2012
Editor/Conference Trend Micro
Link http://blog.trendmicro.com/disttrack-malware-overwrites-files-infects-mbr blog.trendmicro.com (blog.trendmicro.com Archive copy)
Author
Type

Abstract

Reports of Disttrack/Shamoon malware, which overwrites files and infects the Master Boot Record (MBR) of infected systems, have recently surfaced. Trend Micro detects the said WORM_DISTTRACK.A. Currently, its arrival method is still undetermined. It is found to spread to other computers by dropping copies of itself in administrative shares. Its dropped copy may use file names such as clean.exe or dvdquery.exe.

Bibtex

 @misc{Lua error: Cannot create process: proc_open(/dev/null): failed to open stream: Operation not permitted2012BFR1108,
   editor = {Trend Micro},
   author = {},
   title = {Disttrack malware overwrites files, infects MBR},
   date = {Error: Invalid time.},
   month = Error: Invalid time.,
   year = {2012},
   howpublished = {\url{http://blog.trendmicro.com/disttrack-malware-overwrites-files-infects-mbr blog.trendmicro.com}},
 }