Ok, so today is saturday. And what is a nice thing to do on a sunny morning? Yes, play with honeypot logs!:) What follows below is a list of filenames being used downloaded/dropped malwares. This list is a consolidated data from the last month til today and is sorted by appearance: wupdate.exe And what could you do with such list? Well, of course that it will not replace your AV, but you could it as a feed for a script to look for those (uncommon) filenames in your machine(s) :) Update: A reader sent a list from what he got last week: h3110.411
------------------------------------------------------------------------ Handlers on Duty: Pedro Bueno ( pbueno //&&// isc. sans. org) |
Pedro 155 Posts ISC Handler Sep 15th 2007 |
Thread locked Subscribe |
Sep 15th 2007 1 decade ago |
Sign Up for Free or Log In to start participating in the conversation!