Tuts 4 You

W32/stormworm.gen1 Network Analysis


Loki


Another paper from the guys at Offensive Computing.

This paper briefly details the analysis of W32/StormWorm.gen1. Analysis includes the two files created by the variant and a look into the contents of those files. A quick overview of the network traffic generated by the worm is displayed and the data exchanged between the peers who are connected to the Overnet P2P network. Towards the end of the paper, extended research discusses the disassembly of the variant and where the process injection is found within the assembly code.

http://www.offensivecomputing.net/?q=node/678

PDF direct link: http://www.offensivecomputing.net/papers/j...m-3-23-2008.pdf
