I've just read a very interesting analysis of a new piece of malware on SANS ISC. They've found malware that downloads a password-protected zip file from an HTTP location. The contents of this package are encrypted. The malware also uses a certificate to establish SSL connections to the IRC control servers, avoiding detection by network IDSes. Very interesting.
Modern malware