Jump to content
Tuts 4 You

W32.Duqu a.k.a. Stuxnet II


PaperBall

Recommended Posts

the symantec whitepaper can be found here


/>http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/w32_duqu_the_precursor_to_the_next_stuxnet.pdf

THere is supposed to be a 2x page attachment (the inital analysis), but i can only see the 14p symantec analysis...

Link to comment

It's an industrial rootkit..The PLC payload and leaked PKI usage is all that is really unique. It Does some DKOM and stuff with tables, or at least it did when I looked at the last one.

I'm not going to use what little time I have to re-analyse anything

Link to comment

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...