Loki Posted March 25, 2008 Share Posted March 25, 2008 Another paper from the guys at offensive computingThis paper briefly details the analysis of W32/StormWorm.gen1. Analysis includes the two files created by the variant and a look into the contents of those files. A quick overview of the network traffic generated by the worm is displayed and the data exchanged between the peers who are connected to the Overnet P2P network. Towards the end of the paper, extended research discusses the disassembly of the variant and where the process injection is found within the assembly code.http://www.offensivecomputing.net/?q=node/678PDF direct link : http://www.offensivecomputing.net/papers/j...m-3-23-2008.pdf Link to comment Share on other sites More sharing options...
Patrickssj6 Posted March 25, 2008 Share Posted March 25, 2008 "A more in depth look into the functions and payload of the worm can be seen in Danny Quist Link to comment Share on other sites More sharing options...
Loki Posted March 25, 2008 Author Share Posted March 25, 2008 Yup, linked to that one in the topic below this one Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now