chen Posted April 15, 2013 Report Share Posted April 15, 2013 I would like to ask the sample immunet automation system can be analyzed white + black sample. 1. I first explain what is called white + black sample, the so-called "white + black" refers to hackers Use by formal software bundled with malicious program to spread the virus means. As we all know, most software installation need to run an exe file, the current mainstream exe installation file has loaded the process of the dll files, but not to verify the legitimacy of the dll files.The hackers took advantage of this loophole, the normal dll files replace the as malicious dll files. because the loader with a legitimate digital signature, most of the security software don't detect. 2.immunet automation system can be analyzed white + black sample.If can't,can setup an email address, by the immunet team human analysis sample and joining Immunet signature. Link to comment Share on other sites More sharing options...
Francis Posted April 16, 2013 Report Share Posted April 16, 2013 Hi Ryuusei, I'll be honest, I'm not completely sure if we do support this or not. I'll be looking into this however, and it's definitely a great idea if we don't already. Thanks, - Francis Link to comment Share on other sites More sharing options...
chen Posted April 17, 2013 Author Report Share Posted April 17, 2013 Hi Francis This is not a great idea, but have hackers to do so, in 2012, China has this virus, when I submit samples to Avast, and inform this case, received notice from avast, the avast virus experts being processed , after 24 hours, avast! Community IQ can detect, a that Fortinet first time analysis to confirm the non-toxic, and then I wrote to them please re-analyzed to confirm is malware. I have around a sample of this type of, and Francis there is a need I can submit to Francis. The following is a sample analysis results Virustotal:https://www.virustotal.com/en/file/f247f2a9ff501d99abad91d28ecad03865229d13c7e3b47a43af927795fec86b/analysis/1366161258/ Link to comment Share on other sites More sharing options...
chen Posted April 17, 2013 Author Report Share Posted April 17, 2013 Hi Francis This is not a great idea, but have hackers to do so, in 2012, China has this virus, when I submit samples to Avast, and inform this case, received notice from avast, the avast virus experts being processed , after 24 hours, avast! Community IQ can detect, a that Fortinet first time analysis to confirm the non-toxic, and then I wrote to them please re-analyzed to confirm is malware. I have around a sample of this type of, and Francis there is a need I can submit to Francis. The following is a sample analysis results Virustotal:https://www.virustot...sis/1366161258/ The following is Reports from China, you can use the google translation to see. http://tech.qq.com/a/20121101/000189.htm http://www.newhua.com/2012/0730/170501.shtml Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.