urlzone

["Adam Pal" <pal_adam () gmx net>]

Hi guys,

I just read Finjan's analysis about URLzone, so i would like to ask you if anyone has seen it so far or do you have any 
idea how to grab and analyse this malicious code?
Filenames wont work since those seem to be more or less random.
> From what i read it hooks in svchost, so do you know if it shows up at tasklist /svc or will it undermine the command 
> and hide itself?
Any entries in the registry?
Certain ports for communication to master or patterns in the TCP?


Thanks in advance,
Adam
-- 
Jetzt kostenlos herunterladen: Internet Explorer 8 und Mozilla Firefox 3.5 -
sicherer, schneller und einfacher! http://portal.gmx.net/de/go/chbrowser

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------