Friday 5 December 2014

SONY - Malware Analysis

The malware recently used against Sony is the same "destructive" malware that the FBI warned about this week, according to the Japanese anti-virus company Trend Micro, which obtained a copy of the malware. The main part of the malware contains a collection of user names and passwords used to log on to shared network drives.



Once active, the malware deletes users' files and files on connected network drives, and stops the Microsoft Exchange Information Store service. The malware then stays idle for two hours and restarts the system. Another part of the malware places a .bmp file on the computer that contains the message "Hacked by #GOP". This is the same image that is said to have appeared on Sony's computers. Trend Micro therefore suggests that this is the malware that was used against Sony.
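The sequence described above (Information Store service stopped, a .bmp file written, a restart about two hours later) can be hunted for in host telemetry. The following is an added example, not code from Trend Micro or from the original post; the pipe-delimited event format, the host names, the .bmp path and the ten-minute tolerance are assumptions made for illustration.

```python
from datetime import datetime, timedelta

EXCHANGE_STORE = "MSExchangeIS"  # service name of the Exchange Information Store

# Constructed sample events (not real log output): "time|host|event|detail".
SAMPLE_EVENTS = """\
2014-12-01T09:00:00|MAIL01|service_stop|MSExchangeIS
2014-12-01T09:01:10|MAIL01|file_create|C:\\Temp\\notice.bmp
2014-12-01T11:00:30|MAIL01|system_restart|
2014-12-01T10:00:00|MAIL02|service_stop|MSExchangeIS
2014-12-01T10:05:00|MAIL02|system_restart|
2014-12-01T12:00:00|WS07|system_restart|
"""

def parse_events(text):
    """Parse the assumed event format into time-ordered tuples."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, host, kind, detail = line.split("|", 3)
        events.append((datetime.fromisoformat(ts), host, kind, detail))
    return sorted(events)

def find_destructive_sequences(events, idle=timedelta(hours=2),
                               slack=timedelta(minutes=10)):
    """Flag hosts where the store service stops and a restart follows ~idle later."""
    pending = {}  # host -> time of the service stop and .bmp files seen since
    hits = []
    for ts, host, kind, detail in events:
        if kind == "service_stop" and detail == EXCHANGE_STORE:
            pending[host] = {"stopped": ts, "bmp": []}
        elif host in pending:
            state = pending[host]
            if kind == "file_create" and detail.lower().endswith(".bmp"):
                state["bmp"].append(detail)
            elif kind == "system_restart":
                # A quick restart after a stop looks like maintenance; only a
                # gap close to the two-hour idle period is reported.
                if abs((ts - state["stopped"]) - idle) <= slack:
                    hits.append({"host": host, "stopped": state["stopped"],
                                 "restart": ts, "bmp_files": state["bmp"]})
                del pending[host]
    return hits

if __name__ == "__main__":
    for hit in find_destructive_sequences(parse_events(SAMPLE_EVENTS)):
        print(hit)
```

In the constructed sample only MAIL01 is reported; MAIL02 restarts five minutes after the service stop and WS07 restarts without a preceding stop.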

Here are in-depth analyses of the destructive malware by several security research companies:

Trend Micro
Kaspersky
Symantec
BlueCoat

VirusTotal Link:
https://www.virustotal.com/en/file/4d4b17ddbcf4ce397f76cf0a2e230c9d513b23065f746a5ee2de74f447be39b9/analysis/1417763962/

