Malware Case Study
-
Taken from http://sunbeltblog.blogspot.com/2006/11/excellent-malware-case-study.html
Excerpt:
This document contains details of an exploratory case study that was conducted on a malware specimen found in the wild by members of the Mal-Aware Group (Secure Science and Sunbelt Software). The trojan was hosted on web servers located in the Ukraine and Russia, and existed among several gigabytes of data encoded with a proprietary algorithm. There were nearly 10,000 individual files available, each containing between 70 bytes and 56 megabytes worth of stolen data that only criminals could read…until now.
Original PDF found here:
http://ip.securescience.net/advisories/pubMalwareCaseStudy.pdf
They rebuilt parts of the code in C to show what it's doing, approximately. Enjoy!
-
Most URLs from the PDF are still available.
I can't say anything else than... PWNED! :)