Win32Looked < Main

r1 - 14 May 2008 - 13:48:34 - MattJonkmanYou are here: TWiki >

Main Web > Win32Looked

Looked.P

Also being called Trojan.PWS.Gamania.origin, Trojan-PSW.Win32.OnLineGames.aenl, Trojan-PSW.Win32.OnLineGames.aenl, Win32.Looked.P(v)

Samples involved: 7bbec6c1d7d727e70854184b1c1c5088 6720556aa97632ae3d3bd7f88f6c572f

CnC? on ports 81, 83 seen. Client sends:

6 bytes

#108/!

Several times, eventually receives

6 bytes

#109/!

Sigs 2008219 and 2008220 will detect.

-- MattJonkman - 14 May 2008

Main

Main Web
Create New Topic
Index
Search
Changes
Preferences

User Reference
ATasteOfTWiki
TextFormattingRules

Signature Reference
WebRss Feed
EmergingFAQ

Copyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback