Disttrack malware overwrites files, infects MBR
Jump to navigation
Jump to search
(Publication) Google search: [1]
| Disttrack malware overwrites files, infects MBR | |
|---|---|
| Botnet | DistTrack |
| Malware | |
| Botnet/malware group | |
| Exploit kits | |
| Services | |
| Feature | |
| Distribution vector | |
| Target | |
| Origin | |
| Campaign | |
| Operation/Working group | |
| Vulnerability | |
| CCProtocol | |
| Date | 2012 / 2012-08-17 |
| Editor/Conference | Trend Micro |
| Link | http://blog.trendmicro.com/disttrack-malware-overwrites-files-infects-mbr (Archive copy) |
| Author | Cris Pantanilla |
| Type | Blogpost |
Abstract
“ Reports of Disttrack/Shamoon malware, which overwrites files and infects the Master Boot Record (MBR) of infected systems, have recently surfaced. Trend Micro detects the said WORM_DISTTRACK.A. Currently, its arrival method is still undetermined. It is found to spread to other computers by dropping copies of itself in administrative shares. Its dropped copy may use file names such as clean.exe or dvdquery.exe.
Bibtex
@misc{Lua error: Cannot create process: proc_open(/dev/null): failed to open stream: Operation not permitted2012BFR1108,
editor = {Trend Micro},
author = {Cris Pantanilla},
title = {Disttrack malware overwrites files, infects MBR},
date = {17},
month = Aug,
year = {2012},
howpublished = {\url{http://blog.trendmicro.com/disttrack-malware-overwrites-files-infects-mbr}},
}