Home > ParetoLogic Blogs > Malware Diaries > New Mac DNS variant
Reply
 
Thread Tools Display Modes
  #1  
Old 08-27-2009, 06:01 PM
Michael Michael is offline
Administrator
Join Date: May 2007
Posts: 313
Default New Mac DNS variant
A mini how-to on collecting Mac Trojans. This new variant comes from anzipfimuk.com.

1) Identify a new site that hosts the Trojan (I use a HoneyPot)

mac1

2) Unless you have the exact URL, you will not be able to download the file

mac2

3) Typing the full URL (using that series of digits) gets you the binary

mac3

This one is only detected by our friends from Sophos:

mac4

Jerome Segura

Malware ID: 4ece0e88b3527c85c2c503d3899be26b.zip
Reply With Quote
Reply

« Previous Thread | Next Thread »

Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Forum Jump


Terms of Use