[Community-sigs] Win.Agent.Dorkbot
Askar Dyussekeyev
dyussekeyev at yandex.kz
Fri Jul 22 13:19:41 EDT 2016
Win.Agent.Dorkbot:1:14684:558BEC83C49C5356576A0EE8C0F4FFFF668B0059668945F4837D0C287E07C7450C280000008B550C8955F8668B4D146681E1DF0066894DF66683F94675128B7DF8F7DF85FF7E2233C089C789450CEB198B7DF885FF7F07BF01000000EB0B66837DF645750447FF450C8B451C508D559C528D4DFC51578B450850E8010F000083C4148BF08B5D1081FEFF7F00007521837DFC007407B80CAF4000EB05
signature looks for specific block of code
detections:
001a255c29530c33702b244b5ade0b76
0c02e4501084e6d5a22c425c24a87a8f
0ee9abfbd0451fec553db09afa6da0a0
0f6889a03045ef3a2ce1df20732e8b9c
70376207052ea3bec090cc754ee4addd
b50ee084b60758509ad4543bfab4a456
cda64fa3ef483d3398c8cb158ca2c150
f1d57b400f8313c9bf41c6a9d1a1b277
More information about the Community-sigs
mailing list