[Emerging-Sigs] kazakaza.php trojan communications
eoin.miller at trojanedbinaries.com
Wed Oct 13 11:20:26 EDT 2010
On 10/13/2010 2:12 PM, Joel Esler wrote:
> Sent from my iPhone
Example on why not to just look for .bin/.db only just popped up again
GET /wetq.img HTTP/1.1..
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1;
Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; .NET CLR
3.0.4506.2152; .NET CLR 3.5.30729; InfoPath.2)..
This sucker isn't even in ZeuS tracker yet.
More information about the Emerging-sigs