Difference between revisions of "Targeted destructive malware explained: Troj/Mdrop-ELD"

From Botnets.fr
(One intermediate revision by the same user not shown)
Line 2: Line 2:
|Image=strexe.jpg
|Image=strexe.jpg
|Legend=Source: Sophos Labs
|Legend=Source: Sophos Labs
|Botnet=MDrop-ELD, DistTrack,
|Malware=,
|ExploitKit=,
|CCProtocol=,
|Year=2012
|Date=2012-08-17
|Editor=Sophos Labs
|Link=http://nakedsecurity.sophos.com/2012/08/17/targeted-destructive-malware-explained-trojmdrop-eld/
|Author=Paul Baccas,
|Type=Blogpost
|Abstract=I was confident it was malicious. And, because no other security lab seemed to detect the file, I picked a name, Troj/MDrop-ELD, wrote a quick detection, and went home.
The next day, we saw a flurry of queries about a "new" piece of malware 'Disttrack'. It turned out that it was the same piece of malware that I had detected the previous night. So one of my colleagues did some more detailed analysis.
|Document=
|Document=
|Licence=
|Licence=
|Video=
|Video=
|Link=http://nakedsecurity.sophos.com/2012/08/17/targeted-destructive-malware-explained-trojmdrop-eld/ nakedsecurity.sophos.com
|Author=Paul Baccas,
|NomRevue=Naked Security
|NomRevue=Naked Security
|Date=17 août 2012
|Editor=Sophos Labs
|Year=2012
|ISBN=
|ISBN=
|Page=
|Page=
|Abstract=I was confident it was malicious. And, because no other security lab seemed to detect the file, I picked a name, Troj/MDrop-ELD, wrote a quick detection, and went home.
|Operation=,
 
|Keyword=,
The next day, we saw a flurry of queries about a "new" piece of malware 'Disttrack'. It turned out that it was the same piece of malware that I had detected the previous night. So one of my colleagues did some more detailed analysis.
|Botnet=MDrop-ELD, DistTrack,
|Malware=,
|ExploitKit=,
|CCProtocol=,
|Operation=,  
|Keyword=,  
}}
}}
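Review bot: the `|Date=` parameter appears in two formats across the two revisions, `2012-08-17` and `17 août 2012`; the ISO form is language-neutral and matches what the rendered infobox shows ("2012 / 2012-08-17"), so it is the one to keep. The `|Link=` value likewise appears once as a bare URL and once with a trailing ` nakedsecurity.sophos.com` label; use one form consistently so the field stays a plain URL.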

Latest revision as of 01:00, 31 July 2015


Targeted destructive malware explained: Troj/Mdrop-ELD
Strexe.jpg
Botnet: MDrop-ELD, DistTrack
Malware:
Botnet/malware group:
Exploit kits:
Services:
Feature:
Distribution vector:
Target:
Origin:
Campaign:
Operation/Working group:
Vulnerability:
CCProtocol:
Date: 2012 / 2012-08-17
Editor/Conference: Sophos Labs
Link: http://nakedsecurity.sophos.com/2012/08/17/targeted-destructive-malware-explained-trojmdrop-eld/ (Archive copy)
Author: Paul Baccas
Type: Blogpost

Abstract

I was confident it was malicious. And, because no other security lab seemed to detect the file, I picked a name, Troj/MDrop-ELD, wrote a quick detection, and went home.

The next day, we saw a flurry of queries about a "new" piece of malware 'Disttrack'. It turned out that it was the same piece of malware that I had detected the previous night. So one of my colleagues did some more detailed analysis.

Bibtex

 @misc{2012BFR1098,
   editor = {Sophos Labs},
   author = {Paul Baccas},
   title = {Targeted destructive malware explained: Troj/Mdrop-ELD},
   date = {17},
   month = Aug,
   year = {2012},
   howpublished = {\url{http://nakedsecurity.sophos.com/2012/08/17/targeted-destructive-malware-explained-trojmdrop-eld/}},
 }