Quervar – Induc.C reincarnate
Jump to navigation
Jump to search
(Publication) Google search: [1]
Quervar – Induc.C reincarnate | |
---|---|
Botnet | Dorifel |
Malware | |
Botnet/malware group | |
Exploit kits | |
Services | |
Feature | |
Distribution vector | |
Target | |
Origin | |
Campaign | |
Operation/Working group | |
Vulnerability | |
CCProtocol | |
Date | 2012 / August 21, 2012 |
Editor/Conference | Eset |
Link | http://blog.eset.com/2012/08/21/quervar-induc-c-reincarnate blog.eset.com (blog.eset.com Archive copy) |
Author | Robert Lipovsky |
Type |
Abstract
“ Win32/Quervar (a.k.a Dorifel, XDocCrypt) is a virus family that has been in the news recently, especially in the Netherlands. It has been reported to be causing havoc on computers of several notable Dutch institutions. In our analysis, we provide additional technical details about the workings of the virus and compare it to another virus, the Delphi-infecting Win32/Induc.C, to which it bears a suspiciously strong resemblance.
Bibtex
@misc{Lua error: Cannot create process: proc_open(/dev/null): failed to open stream: Operation not permitted2012BFR1114, editor = {Eset}, author = {Robert Lipovsky}, title = {Quervar – Induc.C reincarnate}, date = {21}, month = Aug, year = {2012}, howpublished = {\url{http://blog.eset.com/2012/08/21/quervar-induc-c-reincarnate blog.eset.com}}, }