Forum Security-X > News

Win32/Afcore

(1/1)

chantal11:
Bonjour,


--- Citer ---This month, the MSRT team added the Win32/Afcore family of trojans to its detections. This malware is also known as Coreflood.

It has evolved over time, first breaking onto the scene in 2003. At the time, it was encountered when visiting a malicious web page containing obfuscated VBScript and detected as TrojanDropper:VBS/Inor.B. Using hexadecimal encoding, the VBScript dropper would create an executable, detected as Backdoor:Win32/Apdoor.C. Its main functionality was somewhat simple then and the malware referred to itself as “AICORE” in its debug messages.

The threat family dropped off in telemetry in 2009 and also during this time, it became part of a command & control network, or botnet. The sophistication of the malware increased, by spawning multiple processes and through the use of obfuscation and anti-emulation methodology.
--- Fin de citation ---
Lire la suite sur Microsoft Malware Protection Center

@+

Navigation

[0] Index des messages