
Malware: Analysis of the Pushdo Trojan

by Shanmuga

"SecureWorks anti-malware guru Joe Stewart, a veteran reverse-engineer who spends the majority of his time breaking apart malware samples, said the control server that powers Pushdo is preloaded with about 421 different malware executables—waiting to be delivered to infected Windows machines.

The malware itself uses electronic greeting card lures—spammed to e-mail inboxes—to trick Windows users into launching the executable.

Once the Trojan is executed, Pushdo immediately reports back to an IP address embedded in the code and connects to a server that pretends to be an Apache Web server and listens on TCP port 80."

Source: Inside a Modern Malware Distribution System
