Wednesday, April 22, 2009

conficker.e analysis (.exe component) - part 0.5 - command syntax

The following screenshot shown the command syntax expected by conficker.e on TCP port 1382:

As shown the syntax is /get wdomfknm http/ or /get random string http/

No comments:

Post a Comment