Home » Story links » Param's story links

Analysis of a Win32.Delf Variant

Link: http://securitylabs.websense.com/content/Blogs/3060.aspx
Points: 890 views User: Param Comments: 0 Comments Tag:

We have been noticing quite a few malware samples having references to or communicating with Google's SMTP servers. This post dissects one of these samples and in the process attempts to illustrate to the reader some reversing techniques and information gathering techniques, while explaining the behavior and impact of this virus. At the end of this post you will discover the reasoning for this SMTP reference and see a rather revealing screenshot showing its purpose.


Email: Email this Story to a Friend

Post new comment

  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd> <h1> <quote> <img>
  • Lines and paragraphs break automatically.

More information about formatting options

CAPTCHA
This question is for testing whether you are a human visitor and to prevent automated spam submissions.
Image CAPTCHA
Copy the characters (respecting upper/lower case) from the image.
.