chen

White + Black Samples


I would like to ask whether the Immunet sample automation system can analyze white + black samples.

1. First I will explain what is called a white + black sample. The so-called "white + black" refers to hackers' use of formal software bundled with a malicious program as a means to spread a virus. As we all know, most software installation needs to run an exe file. The current mainstream exe installation files load dll files in the process, but do not verify the legitimacy of the dll files. The hackers took advantage of this loophole, replacing the normal dll files with malicious dll files. Because the loader has a legitimate digital signature, most security software doesn't detect it.

2. Can the Immunet automation system analyze white + black samples? If it can't, can an email address be set up so that the Immunet team can analyze samples manually and add them to the Immunet signatures?

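As an added illustration (not part of the original thread and not Immunet code), the sketch below triages the pattern described in the post above: a signed loader that loads a DLL from its own directory which is unsigned or signed by someone else. The record layout, paths and signer names are constructed for the example.

```python
import ntpath

# Constructed module-load records; field names, paths and signers are hypothetical.
EVENTS = [
    {"process": r"C:\Users\a\Downloads\setup\installer.exe", "process_signer": "Example Software Ltd",
     "module": r"C:\Users\a\Downloads\setup\helper.dll", "module_signer": None},
    {"process": r"C:\Users\a\Downloads\setup\installer.exe", "process_signer": "Example Software Ltd",
     "module": r"C:\Windows\System32\kernel32.dll", "module_signer": "Microsoft Windows"},
    {"process": r"C:\Program Files\App\app.exe", "process_signer": "Example Software Ltd",
     "module": r"C:\Program Files\App\core.dll", "module_signer": "Example Software Ltd"},
    {"process": r"C:\Program Files\Player\player.exe", "process_signer": "Example Media Inc",
     "module": r"C:\Program Files\Player\codec.dll", "module_signer": "Other Vendor LLC"},
    {"process": r"C:\Temp\tool.exe", "process_signer": None,
     "module": r"C:\Temp\plugin.dll", "module_signer": None},
]

def same_dir(a, b):
    """Case-insensitive comparison of the parent directories of two Windows paths."""
    return ntpath.dirname(a).lower() == ntpath.dirname(b).lower()

def flag_white_plus_black(events):
    """Return (process, module, reason) for signed loaders ("white") that load a
    same-directory DLL that is unsigned or carries a different signer ("black" candidate)."""
    hits = []
    for e in events:
        if not e["process_signer"]:
            continue  # unsigned loader: not the signed-loader pattern from the post
        if not same_dir(e["process"], e["module"]):
            continue  # DLL lives elsewhere (e.g. System32), not bundled with the loader
        if e["module_signer"] == e["process_signer"]:
            continue  # DLL signed by the same publisher as the loader
        reason = "unsigned DLL" if e["module_signer"] is None else "signer mismatch"
        hits.append((e["process"], e["module"], reason))
    return hits

if __name__ == "__main__":
    for process, module, reason in flag_white_plus_black(EVENTS):
        print(f"{reason}: {process} loaded {module}")
```

A signer mismatch also occurs with legitimately bundled third-party libraries, so the output is a list of candidates for analysis rather than a verdict.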

Hi Ryuusei,

 

I'll be honest, I'm not completely sure if we do support this or not. I'll be looking into this however, and it's definitely a great idea if we don't already. Thanks,

 

- Francis


Hi Francis

This is not a great idea, but hackers do so. In 2012, China had this virus. When I submitted samples to Avast and informed them of this case, I received notice from Avast that the Avast virus experts were processing it; after 24 hours, avast! Community IQ could detect it. Fortinet's first analysis confirmed it as non-toxic, and then I wrote to them asking them to please re-analyze it to confirm it is malware.

I have a sample of this type around, and if there is a need I can submit it to Francis.

The following are the sample analysis results:

VirusTotal: https://www.virustotal.com/en/file/f247f2a9ff501d99abad91d28ecad03865229d13c7e3b47a43af927795fec86b/analysis/1366161258/


Hi Francis

This is not a great idea, but hackers do so. In 2012, China had this virus. When I submitted samples to Avast and informed them of this case, I received notice from Avast that the Avast virus experts were processing it; after 24 hours, avast! Community IQ could detect it. Fortinet's first analysis confirmed it as non-toxic, and then I wrote to them asking them to please re-analyze it to confirm it is malware.

I have a sample of this type around, and if there is a need I can submit it to Francis.

The following are the sample analysis results:

VirusTotal: https://www.virustot...sis/1366161258/

The following are reports from China; you can use Google Translate to read them.

http://tech.qq.com/a/20121101/000189.htm

http://www.newhua.com/2012/0730/170501.shtml
