Ramnit bot

2012-11-01

Chao Chen

Fortinet, China
Editor: Helen Martin

Abstract

First discovered in around April 2010, Ramnit is now not only a file infector that infects Windows Portable Executable files (.exe, .scr and .dll files) and HTML documents, but also a multi-component bot. Chao Chen takes a deep dive into Ramnit, analysing the functionalities of each of its components.


The full article is available to registered users. Click here for free registration or, if you already are a registered user, login to access the full article.

Quick Links

Poll
Should software vendors extend support for their products on Windows XP beyond the end-of-life of the operating system?
Yes - it keeps their users secure
No - it encourages users to continue to use a less secure OS
I don't know
Leave a comment
View 24 comments

AusCert2014

Virus Bulletin
In this month's magazine:
  • VBSpam comparative review March 2014
  • VB100 comparative review on Ubuntu Server 12.04LTS
  • The shape of things to come
  • Threat intelligence sharing: tying one hand behind our backs
  • The curse of Necurs, part 1
  • More fast or more dirty?
  • Tofsee botnet
  • Back to VBA
  • Is the security industry up to the new challenges to come?
  • Greetz from academe: No place to Hyde
Virus Bulletin 04 2014
Subscribe now!

Virus Bulletin currently has 231,353 registered users.