SDBot
SDBots are worms that propagate via network shares. They also contain backdoor functionality, which connects to an IRC channel and waits for commands. Because of the similarities between many of the...
View ArticleMyDoom.AH
W32/MyDoom.AH is a mass-mailing peer-to-peer worm, compressed using UPX to a file size of 31,744 bytes.
View ArticleNetsky.P
This is an email and network worm. File size is 29568 bytes, but size may vary when the worm comes in a zip file.
View ArticleMyDoom.L
W32/MyDoom.L@mm is a mass mailing worm compressed using UPX. Filesizes may vary as the worm appends random data to itself, but samples seem to be at least 28kbytes.
View ArticleMyDoom.AQ
Another worm in the MyDoom series; file size usually 25771 bytes. This appears to be more or less a repackaging of an earlier variant, although small differences exist.
View ArticleMytob
The Mytob family is a big family of worms that can spread via email and via security vulnerabilities in the operating system. This is a general description of the family. Mytob is loosely based on two...
View ArticleTibs
This is a large malware family (10000+ discrete detections) with a variety of components and functionality. The first variants of this series were seen as early as 2005. These trojans are designed to...
View ArticleConficker
W32/Conficker is a network-propagating worm family. There are several variants. This description mainly describes the B variant. Additional details of the C and D variants are appended.The worm's most...
View ArticleKoobface
W32/Koobface is a worm propagating through social networking sites such as Facebook. The worm spreads by sending messages with malicious links to contacts on various social networking sites. These...
View ArticleVirut
W32/Virut is a polymorphic virus that infects executables and screensaver files, and attempts to downloads additional malware. There are many variants.The Virut.CM variant also injects an iframe object...
View ArticleTDSS
TDSS is a trojan that has a rootkit component and a bot component. The rootkit is responsible for hiding the trojan's files on disk, and for providing hidden and encrypted storage for the bot...
View ArticleBredolab
W32/Bredolab is a trojan downloader that connects to the server hard-coded in to the executable and downloads the malware in order to compromise the system security, depending on the instruction...
View ArticleStuxnet.A
W32/Stuxnet.A belongs to a worm family that spreads through removable drives. It does this malicious activity by taking advantage of the recently discovered vulnerability in Microsoft Windows Shell...
View ArticleSpyEye
@img:1:center:size=original@Fig 1 The SpyEye 1.2.6 configuration screen. This is what the trojan distributor uses before making a new trojan copy.SpyEye is a large and complex banking trojan, which is...
View ArticleFake Antivirus
Fake antivirus or more precise - fake antimalware, or rogue security programs - is a generic description for all types of malware that pretend to be protection software against virus, spyware, trojans...
View Article
