MalBabble

Your antidote to the cyber-twaddle that is spread about security and malware. Many people research malware and security and the impact of both. Some insights are valuable; others are insanely stupid. MalBabble exists because insisting that conclusions be drawn from data is a coherent idea; that conjecture isn't evidence; and because appealing to conspiracy to validate ideas is intellectually lazy.

Pages

  • Home
  • Mind's Eye

Thursday, December 31, 2015

ZxShell

Community References

  • Sensode (Cisco)

Malware References

  • http://blog.trendmicro.com/trendlabs-security-intelligence/mers-news-used-in-targeted-attack-against-japanese-media-company/
  • http://blogs.cisco.com/security/talos/opening-zxshell
  • https://www.symantec.com/security_response/writeup.jsp?docid=2014-021716-3303-99&tabid=2
  • https://www.f-secure.com/v-descs/backdoor_w32_zxshell_a.shtml
  • http://blogs.cisco.com/security/talos/threat-spotlight-group-72
  • http://www.talosintel.com/files/publications_and_presentations/papers/Cisco_security_Group72_wp.pdf
  • http://www.symantec.com/connect/blogs/operation-cloudyomega-ichitaro-zero-day-and-ongoing-cyberespionage-campaign-targeting-japan
  • http://www.crowdstrike.com/blog/french-connection-french-aerospace-focused-cve-2014-0322-attack-shares-similarities-2012/
  • https://www.fireeye.com/blog/threat-research/2014/02/operation-snowman-deputydog-actor-compromises-us-veterans-of-foreign-wars-website.html
  • https://www.bluecoat.com/security-blog/2014-07-21/korean-gaming-industry-still-under-fire
  • https://www.novetta.com/2014/10/operation-smn-detailed-reporting-released/
  • http://www.kashifali.ca/category/backdoor-zxshell/
Posted by Starric at 9:02 AM
Email ThisBlogThis!Share to XShare to FacebookShare to Pinterest
Labels: APT, Malware, ZxShell

No comments:

Post a Comment

Newer Post Older Post Home
Subscribe to: Post Comments (Atom)

Blog Archive

  • ►  2019 (10)
    • ►  April (1)
    • ►  March (4)
    • ►  February (5)
  • ►  2016 (13)
    • ►  January (13)
  • ▼  2015 (23)
    • ▼  December (16)
      • ZoxPNG
      • Fexel
      • Stealer
      • ZxShell
      • AspxSpy
      • 9002
      • Poison Ivy
      • Hikit
      • Gh0st
      • Proxydown
      • Preshin
      • Gameover Zeus
      • Emotet
      • Dyzap
      • Crowti
      • Crilok (Cryptolocker)
    • ►  August (2)
    • ►  July (1)
    • ►  April (1)
    • ►  January (3)

Labels

  • 3102 (1)
  • 9002 (1)
  • Agtid (1)
  • Amisharp (1)
  • APT (18)
  • AspxSpy (1)
  • Backspace (1)
  • Black Energy (1)
  • BlackCoffee (1)
  • Boda (1)
  • Breut (1)
  • Briba (1)
  • c0d0so0 (1)
  • Comfoo (1)
  • Crilok (1)
  • crimeware (2)
  • Crowti (1)
  • Deputy Dog (1)
  • Derusbi (1)
  • Destory (1)
  • Disakil (1)
  • DPD (1)
  • Dyzap (1)
  • Elirks (1)
  • Elise (1)
  • Emissary (1)
  • Emotet (1)
  • Fexel (1)
  • Gameover (1)
  • Gaolmay (1)
  • Gh0st (1)
  • Go (1)
  • GoScanSSH (1)
  • Gulpix (1)
  • Hikit (1)
  • HTTPS (1)
  • Hydraq (1)
  • Kaba (1)
  • Kernelbot (1)
  • KillDisk (1)
  • lancafdo (1)
  • Lecna (1)
  • Linksys Worm (1)
  • Lstudio (1)
  • Malware (27)
  • Matrix (1)
  • McRat (1)
  • MdMBot (1)
  • Miancha (1)
  • Moudoor (1)
  • Naid (1)
  • Nancrat (1)
  • page (1)
  • PE File Header (5)
  • PirateMatryoshka (1)
  • PlugX (1)
  • Poison Ivy (1)
  • Preshin (2)
  • Proxydown (1)
  • sandworm (1)
  • Separ (1)
  • Shade (1)
  • Sharky RAT (1)
  • Shlayer (1)
  • Snefix (1)
  • Sogu (1)
  • sshbeardoor (2)
  • Stealer (1)
  • stscout (1)
  • Tabcteng (1)
  • TheMoon (1)
  • Thoper (1)
  • Tools (2)
  • Troldesh (1)
  • TVT (1)
  • Vasport (1)
  • Wumins (1)
  • Yara (6)
  • Zeus (1)
  • ZoxPNG (1)
  • ZxShell (1)
Simple theme. Powered by Blogger.