Targeted destructive malware explained: Troj/Mdrop-ELD
Targeted destructive malware explained: Troj/Mdrop-ELD | |
---|---|
Botnet | MDrop-ELD, DistTrack |
Malware | |
Botnet/malware group | |
Exploit kits | |
Services | |
Feature | |
Distribution vector | |
Target | |
Origin | |
Campaign | |
Operation/Working group | |
Vulnerability | |
CCProtocol | |
Date | 2012 / 2012-08-17 |
Editor/Conference | Sophos Labs |
Link | http://nakedsecurity.sophos.com/2012/08/17/targeted-destructive-malware-explained-trojmdrop-eld/ (Archive copy) |
Author | Paul Baccas |
Type | Blogpost |
Abstract
“I was confident it was malicious. And, because no other security lab seemed to detect the file, I picked a name, Troj/MDrop-ELD, wrote a quick detection, and went home.
The next day, we saw a flurry of queries about a "new" piece of malware 'Disttrack'. It turned out that it was the same piece of malware that I had detected the previous night. So one of my colleagues did some more detailed analysis.”
Bibtex
@misc{2012BFR1098,
  editor = {Sophos Labs},
  author = {Paul Baccas},
  title = {Targeted destructive malware explained: Troj/Mdrop-ELD},
  date = {17},
  month = Aug,
  year = {2012},
  howpublished = {\url{http://nakedsecurity.sophos.com/2012/08/17/targeted-destructive-malware-explained-trojmdrop-eld/}},
}