Activities 2009-2010

> Articles Written:

-------------------

http://www.malwareinfo.org/files/TheFearFactor.pdf

http://www.malwareinfo.org/files/MalwareIncidentResponse.pdf

http://www.malwareinfo.org/files/Conficker&TrafficConverter.pdf

Web Malwares - Part1 ---> Article has not yet been uploaded.

Mail sent to Abhishek for possibility of this article to get published under MVP Articles.

> Magazine:

-----------

The Fear Factor

Hakin9 Magazine

Data of publication: January 11th - March 5th

Issue number: 1/2010(26)

Pages: 30-37

January 11, 2010

> Utilities Created:

--------------------

http://www.malwareinfo.org/Utilities/MI-Scanner.zip

http://www.malwareinfo.org/Utilities/PEDetails.zip

> Presentation:

---------------

http://www.malwareinfo.org/files/MalwareIncidentResponse.zip

http://www.malwareinfo.org/files/IncreasingWebMalwares.zip

> Microsoft Open Source Project:

--------------------------------

http://usbprotect.codeplex.com

> Personal Blog Posts:

----------------------

http://maliciousbrains.blogspot.com/2009/11/increase-in-web-malware-activity.html

http://maliciousbrains.blogspot.com/2009/11/heap-spraying.html

http://maliciousbrains.blogspot.com/2009/09/microsoft-security-articles-sep07-sep13.html

http://maliciousbrains.blogspot.com/2009/09/with-great-power-comes-great.html

http://maliciousbrains.blogspot.com/2009/09/vulnerabilities-in-smb-could-allow.html

http://maliciousbrains.blogspot.com/2009/09/symantecs-suspiciouscloudam-detection.html

http://maliciousbrains.blogspot.com/2009/09/what-is-more-secure-ie-or-firefox.html

http://maliciousbrains.blogspot.com/2009/09/internet-information-services-ftp.html

http://maliciousbrains.blogspot.com/2009/09/fear-factor.html

http://maliciousbrains.blogspot.com/2009/08/hooray-autorun-problem-fixed.html

http://maliciousbrains.blogspot.com/2009/08/security-articles-from-microsoft-17-aug.html

http://maliciousbrains.blogspot.com/2009/08/new-microsoft-security-articles-august.html

http://maliciousbrains.blogspot.com/2009/08/august-2009-bulletin-release.html

http://maliciousbrains.blogspot.com/2009/08/sql-server-2008-r2-is-on-public-ctp2.html

http://maliciousbrains.blogspot.com/2009/07/microsoft-july-2009-out-of-band.html

http://maliciousbrains.blogspot.com/2009/07/microsoft-will-now-power-yahoo-search.html

http://maliciousbrains.blogspot.com/2009/07/fifth-anniversary-celebration-of.html

http://maliciousbrains.blogspot.com/2009/06/w32neerisc-alert.html

http://maliciousbrains.blogspot.com/2009/04/update-to-disable-autorun-feature-for.html

http://maliciousbrains.blogspot.com/2009/04/how-dns-servers-network-routers-can.html

http://maliciousbrains.blogspot.com/2009/04/teched-india-2009-hyderabad-may-13th.html

http://maliciousbrains.blogspot.com/2009/04/night-of-living-dead.html

http://maliciousbrains.blogspot.com/2009/04/conficker-and-traffic-converter.html

http://maliciousbrains.blogspot.com/2009/04/another-new-variant-of.html

http://maliciousbrains.blogspot.com/2009/04/powerpoint-zero-day-vulnerability.html

> Submission to MMPC:

-------------------------------

700 New Malwares

TrojanDownloader:Win32/Swif.gen!A

Example files:

> KASPERSKY New Detection:

-------------------------

Trojan-Downloader.Win32.Agent.cwqw

Trojan-Downloader.PHP.Small.w

Trojan.JS.Agent.ato

Backdoor.Win32.Bredavi.aor

Trojan-Downloader.JS.Iframe.bvs

Trojan.Win32.Vent.e

Trojan.Win32.FraudPack.ube

AdWare.Win32.AdMedia.ed

AdWare.Win32.BHO.hmc

AdWare.Win32.Mostofate.j

Backdoor.Win32.Agent.ahxa

Backdoor.Win32.Bifrose.bful

Backdoor.Win32.IRCBot.iga

Email-Worm.Win32.Joleee.dpa

Exploit.JS.Pdfka.sq

FraudTool.Win32.AntivirusPlus.bv

FraudTool.Win32.RegistrySmart.m

Trojan.Win32.Agent.cawa

Trojan.Win32.Agent.cawb

Trojan.Win32.Agent.cmso

Trojan.Win32.Agent.cntu

Trojan.Win32.Buzus.bgwj

Trojan.Win32.FraudPack.ktv

Trojan.Win32.FraudPack.pbv

Trojan.Win32.FraudPack.qfs

Trojan.Win32.FraudPack.tzk

Trojan.Win32.Inject.agyi

Trojan.Win32.TDSS.wlq

Trojan-Downloader.HTML.Agent.ox

Trojan-Downloader.JS.Agent.enr

Trojan-Downloader.JS.Iframe.bqn

Trojan-Downloader.JS.Timul.dm

Trojan-Downloader.Win32.Agent.chbi

Trojan-Downloader.Win32.CodecPack.hzg

Trojan-Downloader.Win32.FraudLoad.eap

Trojan-Downloader.Win32.FraudLoad.eem

Trojan-Downloader.Win32.FraudLoad.vpdj

Trojan-Downloader.Win32.FraudLoad.wlxk

Trojan-Downloader.Win32.Murlo.anm

Trojan-Dropper.JS.Agent.cl

Trojan-Dropper.Win32.Agent.auut

Trojan-GameThief.Win32.OnLineGames.uvqt

Trojan-PSW.Win32.Agent.nfo

Trojan-PSW.Win32.Small.hq

Trojan-Spy.Win32.VB.btm

Trojan-Spy.Win32.Zbot.aaee

Trojan-Spy.Win32.Zbot.aaef

Trojan-Spy.Win32.Zbot.rrq

Trojan-Spy.Win32.Zbot.rwa

Win32.AutoRun.fmc

Worm.Win32.AutoRun.gec

> AVIRA New Detection:

---------------------

TR/BHO.X.ZIP

PHP/Dldr.Small.F

JS/Agent.AK

JS/Agent.erx

JS/Agent.jrf

JS/Agent.cri

JS/Agent.mha

JS/Agent.19017

PHP/Small.G

TR/Dldr.IFrame.bvs

TR/Agent.aoh.6

TR/Dldr.IFrame.brm

TR/Drop.Agent.CL.1

TR/FraudPack.ube.1

TR/FraudPack.ubf

TR/Vent.E

TR/Spy.ZBot.aban

TR/Spy.ZBot.QI

EXP/Pidief.wye

SPR/Fake.IAVP.44

TR/Dldr.Timul.DM

TR/Dldr.IFrame.bqn

EXP/Pidief.EZ

SPR/PHP.ID

TR/Spy.ZBot.aaee

TR/Dropper.Gen

SPR/Tool.281088

DR/Agent.cntu.1

DR/Agent.cntu

SPR/Dldr.Tool.Reactor

TR/Alureon.BK.3

TR/Fakealert.SM

ADSPY/Agent.161110

TR/Spy.ZBot.rqr

SWF/Drop.Agent.B

TR/Dldr.FraudLoad.eem

DR/VB.nuz

http://analysis.avira.com/samples/details.php?uniqueid=q5bmTcEFn6NG4ZgxLO7B0PBH3WgmROFP