[Discussion] [32 likes] What can 0.1M do?! Trend Micro's network attack signature database shows its power
尘梦幽然
Posted on 2015-1-3 09:13:06
This post was last edited by 尘梦幽然 on 2015-1-3 10:07

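What can 101.86K do? For antivirus software, the first thing that comes to mind is probably a local MD5 cache for cloud scanning... but even a cloud-scan cache is never this small, is it?
Take a look: the mighty Trend Micro shows you that 101.86K is enough to store detection rules for 507 network attack signatures (including ones covering a whole category, such as bot networks)!
With consolidation ability this formidable, it is no wonder that Trend Micro's virus pattern files are so tiny.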

----------------------------------------------------------------------------
                                 Trend  Micro
                       New Network Virus Pattern Release
-----------------------------------------------------------------------------

Pattern: 10335
Release: Created to detect CVE-2014-6321 UDP DTLS SCHANNEL exploit attempts. The number of bytes that can pass through the network should be 28 bytes.
Notes: CVE-2014-6321-UDP_DTLS_SCHANNEL_EXPLOIT

                                                                          
December 05, 2014, 06:40:30 PM (GMT +08:00)



-----------------------------------------------------------------------------
New Detection:
-----------------------------------------------------------------------------

There is/are [1] new addition to the pattern file.
Please refer to the list below for all detail of the name(s).

CVE-2014-6321-UDP_DTLS_SCHANNEL_EXPLOIT


-----------------------------------------------------------------------------
Network Virus Pattern Modified:
-----------------------------------------------------------------------------


-----------------------------------------------------------------------------
Network Virus Pattern Name Changed:
-----------------------------------------------------------------------------

Old Name                                                New Name
--------------                                          --------------




Exploits Detected by the Current Pattern
-----------------------------------------------
Exploit
-----------------------------------------------

APACHE_PHP_EXE_EXPLOIT
AWSTATS_CONFIGDIR_EXPLOIT
Allaire_ColdFusion5.0_Exploit
Allaire_JRunv.3.1a_Exploit
Allaire_JRunv.3.1b_Exploit
Apache1.3.24_Chunked_Exploit
Apache1.3.24_Chunked_scalp_Exploit
Apache_Chunked_Encoding_Exploit
AppleFileServer_LoginExt_Exploit
ArGoSoft_v1.4.1.4_SiteCopy_Exploit
ArGoSoft_v1.4.1.4_SiteUnzip_Exploit
ArGoSoft_v1.4.1.4_SiteZip_Exploit
ArGoSoft_v1.4.1.4_SiteZipstorm_Exploit
ArGoSoft_v1.4.2.8_Delete_Exploit
Awstats_Rawlog_Logfile_Exploit
BadBlue_v2.55_mfcisapicommand_Exploit
CGI_ALCHEMY_EXPLOIT
CGI_HOMEFREE_SEARCH_TRAVERSAL_EXPLOIT
CGI_IMAGEFOLIO_TRAVERSAL_EXPLOIT
CGI_TECHNOTE_DIRECTORY_TRAVERSAL_EXPLOIT
CGI_YABB_CROSSSITE_EXPLOIT
CVE-2007-1070_SERVERPROTECT_EXPLOIT
CVE-2011-0654_BROWSER_ELECTION_EXPLOIT
CVE-2012-0002_Remote_Desktop_Protocol_Exploit
CVE-2012-0017_MICROSOFT_SHAREPOINT_EXPLOIT
CVE-2012-0145_MICROSOFT_SHAREPOINT_EXPLOIT
CVE-2012-0779_OBJECT_TYPE_CONFUSION
CVE-2012-1851-PRINT_SPOOLER_SERVICE_EXPLOIT
CVE-2012-1859_SHAREPOINT_EXPLOIT
CVE-2012-1863_SHAREPOINT_EXPLOIT
CVE-2012-4774-WINDOWS_FILENAME_PARSING_EXPLOIT
CVE-2013-0005_OPEN_DATA_PROTOCOL_EXPLOIT
CVE-2013-0010_SCOM_XSS_EXPLOIT
CVE-2013-1305-HTTP_DENIAL_OF_SERVICE_VULNERABILITY
CVE-2013-0081-SHAREPOINT_SERVER_HTTP_EXPLOIT_ATTEMPT
CVE-2013-3180-SHAREPOINT_POST_XSS_EXPLOIT
CVE-2013-3895-SHAREPOINT_EDITFORM_XSS_EXPLOIT
CVE-2014-6271-SHELLSHOCK_REQUEST
CVE-2014-6321-UDP_DTLS_SCHANNEL_EXPLOIT
Cgi_A1stats_Traversal_Exploit
Cgi_AT_Zml_Exploit
Cgi_Agora_CrossSite_Exploit
Cgi_Anacondaclip_Traversal_Exploit
Cgi_Apache1.3.23_bat_copy_Exploit
Cgi_Apache1.3.23_bat_dir_Exploit
Cgi_Apache1.3.23_bat_echo_Exploit
Cgi_Apache2.0.39_Traversal_Exploit
Cgi_Apache_Backslash_Traversal_Exploit
Cgi_Auktion_Traversal_Exploit
Cgi_Bizdb_Remote_Execution_Exploit
Cgi_Brio_Unix_Traversal_Exploit
Cgi_Cart32v3.0_Pswd_Exploit
Cgi_Cart32v3.0_clientlist_Exploit
Cgi_Cart32v3.0_expdate_Exploit
Cgi_Cgiforum_Traversal_Exploit
Cgi_Cis_Commerce_Traversal_Exploit
Cgi_Cssearch_Remote_Execution_Exploit
Cgi_Dbman_Disclosure_Exploit
Cgi_Eboard_Traversal_Exploit
Cgi_Empower_Disclosure_Exploit
Cgi_FileParse_cmd_Exploit
Cgi_FileParse_dir_Exploit
Cgi_FileParse_exedir_Exploit
Cgi_Forum_Icq_CrossSite_Exploit
Cgi_Genindexpage_Traversal_Exploit
Cgi_Get32_Remote_Execution_Exploit
Cgi_Gotopage_Traversal_Exploit
Cgi_Hylafax_Faxsurvey_passwd_Exploit
Cgi_Infosrch_Remote_Execution_Exploit
Cgi_LW_WebBlog_Remote_Execution_Exploit
Cgi_Ldaccgi_Traversal_Exploit
Cgi_Ldap_Traversal_Exploit
Cgi_Linuxstat_Traversal_Exploit
Cgi_Master_Index_Traversal_Exploit
Cgi_Mathsum_Mscgi_Exploit
Cgi_Mmstdod_Exploit
Cgi_Mrtg_Traversal_Exploit
Cgi_Multihtml_Disclosure_Exploit
Cgi_Nbmember_Disclosure_Exploit
Cgi_Ncbook_Remote_Execution_Exploit
Cgi_Neocgi_Traversal_Exploit
Cgi_Nph_Test_Disclosure_Exploit
Cgi_Ows_Bin_Exploit
Cgi_Pollit_Disclosure_Exploit
Cgi_Psunami_Remote_Execution_Exploit
Cgi_Rot13sj_Disclosure_Exploit
Cgi_Sambar_Batch_Remote_Execution_Exploit
Cgi_Shopping_Index_Traversal_Exploit
Cgi_Squid_CacheMgr_Exploit
Cgi_TA_Store_Traversal_Exploit
Cgi_Tstbat_Remote_Execution_Exploit
Cgi_Unicode_Traversal_copy_Exploit
Cgi_Unicode_Traversal_echo_Exploit
Cgi_Unicode_Traversal_msadc_Exploit
Cgi_Unicode_Traversal_script_Exploit
Cgi_VW_Ftpsave_Csp_Exploit
Cgi_Wayboard_Exploit
Cgi_Webapps_Traversal_Exploit
Cgi_Webboard_Traversal_Exploit
Cgi_Webcart_Remote_Execution_Exploit
Cgi_Webdist_Remote_Execution_Exploit
Cgi_Webpals_Exploit
Cgi_Webtop_Traversal_Exploit
Cgi_ads_command_exploit
Cgi_anaconda_traversal_exploit
Cgi_cached_feed_traversal_exploit
Cgi_directorypro_exploit
Cgi_extropia_traversal_exploit
Cgi_formhandler_traversal
Cgi_hyperseek_exploit
Cgi_iisadmpwd_WebTraversal_Exploit
Cgi_sojourn_exploit
Cgi_storypl_exploit
Cgi_ttawebtop_exploit
Cgi_viewsource_exploit
Cgi_webplus_exploit
Cgi_webspirs_traversal_exploit
Cgi_wwwboard_passwd_exploit
Cisco_IOS_Http_Server_Authentication_Exploit
CrystalFTPProv2.8_Exploit
DISTCC_DAEMON_EXPLOIT
FRONTPAGE2000_SERVER_EXTENSIONS_DOS_EXPLOIT
FRONTPAGE_FOURDOTS_EXPLOIT
FTP_USER_OVERFLOW_ATTEMPT_EXPLOIT
Ftp_Netterm_dele_Exploit
Ftp_Netterm_dir_Exploit
Ftp_Netterm_ls_Exploit
GuildFTPv0.99.2_Sizedot_Exploit
HTTP_SYSIE_REQUEST
Http_Count_Pl_Traversal_Exploit
Http_Double_Percent_Exploit
Http_Kebi_Academy_Traversal_Exploit
Http_Lotus_Domino_Traversal_Exploit
Http_Myserver_Traversal_Exploit
Http_Netbasic_Ss_Traversal_Exploit
Http_Oc_Dsl_812_Exploit
Http_Oracle_Lib_Exploit
Http_Perl_Traversal_Exploit
Http_Php_Strings_Exploit
Http_Privatepy_Traversal_Exploit
Http_Pweb_Isapi_Exploit
Http_Tomcat_Traversal_Exploit
Http_visadmin_exploit
Http_vw_catinfo_exploit
IA_WEBMAIL_SERVER_3.X_EXPLOIT                  
IIS_W3WHO_DLL_EXPLOIT
IMail_LDAP_Service_Exploit
ISS_Pam.dll_ICQ_Parser_Exploit
KINGVIEW_SCADA_HMI_HEAP_OVERFLOW_EXPLOIT
MERCANTEC_SOFTCART_CGI_EXPLOIT
MS00-006_Malformed_Highlight_Arg_Exploit
MS00-028_SERVERSIDE_IMAGE_MAP_COMPONENTS_EXPLOIT
MS01-023_ISAPI_EXTENSION_EXPLOIT
MS01-026_FTP_WILDCARD_DOS_EXPLOIT
MS010-024_SMTP_SERVER_MX_RECORD_EXPLOIT
MS010-025_MEDIA_SERVICES_BUFFER_OVERFLOW_EXPLOIT
MS010-054_SMB_POOL_OVERFLOW_EXPLOIT
MS010-065_DIRECTORY_AUTHENTICATION_BYPASS_EXPLOIT
MS010-065_DIRECTORY_AUTHENTICATION_BYPASS_EXPLOIT      
MS02-056_SQL_HELLO_EXPLOIT
MS03-001_RPC_LOCATOR_EXPLOIT
MS03-007_WEBDAV_NTDLL_EXPLOIT
MS03-022_NSIISLOG_ISAPI_EXPLOIT
MS03-026_RPC_DCOM_EXPLOIT
MS03-026_RPC_DCOM_REMACT_EXPLOIT
MS03-043_MESSENGER_SERVICE_EXPLOIT
MS03-046_EXCHANGE_2000_HEAP_EXPLOIT            
MS03-049_WORKSTATION_SERVICE_EXPLOIT            
MS03-051_FRONTPAGE_SERVER_EXTENSION_EXPLOIT     
MS04-007_ASN.1_EXPLOIT                     
MS04-011_LSASS_EXPLOIT
MS04-011_SSL_PCT_EXPLOIT
MS04-011_SSL_PCT_EXPLOIT                        
MS04-017_CRYSTAL_REPORTS_WEB_VIEWER_EXPLOIT     
MS04-030_WEBDAV_XML_MESSAGE_HANDLER_EXPLOIT     
MS04-031_NETDDE_EXPLOIT
MS04-036_NNTP_XPAT_EXPLOIT
MS04-042_DHCP_EXPLOIT
MS04-045_WINS_EXPLOIT
MS05-003_INDEXING_SERVICE_EXPLOIT               
MS05-005_MICROSOFT_OFFICE_XP_BUFFER_OVERFLOW_EXPLOIT
MS05-005_OfficeXP_BufferOverflow_Exploit
MS05-010_LICENSE_LOGGING_SERVICE_EXPLOIT
MS05-011_SMB_Client_Transaction_Response_Exploit
MS05-015_Hyperlink_Object_Library_Exploit
MS05-017_Msmq_Exploit
MS05-021_MSExchange_X-LINK2STATE_Exploit
MS05-030_NNTP_Outlook_Express_News_Reading_Exploit
MS05-039_Plug_And_Play_Remote_Exploit
MS05-041_Remote_Desktop_Protocol_Dos_Exploit
MS05-043_Print_Spooler_Exploit
MS05-044_Internet_Explorer_FTP_Folder_Shell_Extention_Exploit
MS05-046_Client_Services_For_Netware_Exploit
MS05-047_Plug_And_Play_Remote_Exploit
MS05-051_MSDTC_Service_Exploit
MS06-008_Web_Client_Service_Exploit
MS06-018_MSDTC_Service_Exploit
MS06-019_MS_Exchange_Exploit
MS06-025_Routing_and_Remote_Access_Exploit
MS06-035_SERVER_SERVICE_EXPLOIT
MS06-040_Server_Service_Buffer_Overrun_Exploit
MS06-041_DNS_Client_Buffer_Overrun_Exploit
MS06-053_Indexing_Service_CSS_Exploit
MS06-066_Netware_Client_Service_Memory_Corruption_Exploit
MS06-066_Netware_Driver_DOS_Exploit
MS06-070_WORKSTATION_SERVICE_EXPLOIT
MS07-003_MICROSOFT_OUTLOOK_VEVENT_EXPLOIT
MS07-016_FTP_Server_Response_Exploit
MS07-017_WINDOWS_ANIMATED_CURSOR_EXPLOIT
MS07-018_CMS_MEMORY_CORRUPTION_EXPLOIT   
MS07-018_CMS_XSS_EXPLOIT                 
MS07-019_Universal_Plug_and_Play_exploit
MS07-026_IMAP_Literal_Processing_Exploit
MS07-029_WINDOWS_DNS_SERVER_RPC_EXPLOIT
MS07-054_MSN_Messenger_VideoChat_Exploit                 
MS07-058_NTLM_RPC_DOS_EXPLOIT                     
MS07-059_Sharepoint_Scripting_Exploit                    
MS07-065_MSMQ_RPC_EXPLOIT                     
MS07_039_Malformed_Ldap_SearchRequest_Exploit
MS08-063_BUFFER_UNDERFLOW_EXPLOIT
MS08-067_SERVER_SERVICE_REMOTE_EXECUTION_EXPLOIT
MS08-067_Server_Service_Remote_Execution_Exploit
MS09-001_SMB_BUFFER_OVERFLOW_EXPLOIT
MS09-001_SMB_VALIDATION_EXPLOIT
MS09-016_MS_ISA_CROSS_SITE_SCRIPTING_EXPLOIT
MS09-020_IIS_5.0_WEBDAV_AUTH_BYPASS_EXPLOIT
MS09-020_IIS_WEBDAV_AUTH_BYPASS_EXPLOIT
MS09-039_WINS_INTEGER_OVERFLOW_EXPLOIT
MS09-041_WORKSTATION_SERVICE_EXPLOIT
MS09-044_REMOTE_DESKTOP_PROTOCOL_HEAP_EXPLOIT
MS09-050_SMB2_DENIAL_OF_SERVICE_EXPLOIT
MS09-050_SMB_REMOTE_CODE_EXECUTION_EXPLOIT
MS09-053_FTP_IIS_DOS_EXPLOIT
MS09-053_IIS_FTPD_EXPLOIT
MS09-059_LSASS_DOS_EXPLOIT
MS09-063_WSDAPI_MIME_Denial_Of_Service
MS09-070_Active_Directory_Federation_Service_Exploit
MS10-006_SMB_CLIENT_REMOTE_CODE_EXECUTION_EXPLOIT
MS10-012_SMB_SERVER_REMOTE_CODE_EXECUTION_EXPLOIT
MS10-014_KERBEROS_DENIAL_OF_SERVICE_VULNERABILITY
MS10-061_PRINT_SPOOLER_SERVICE_IMPERSONATION_EXPLOIT
MS11-004_IIS_FTP_EXPLOIT
MS11-030_DNS_LLMNR_EXPLOIT
MS11-066_CHART_CONTROL_INFORMATION_DISCLOSURE
MS11-074_XSS_SHAREPOINT_CALENDAR_EXPLOIT
MS11-082_Host_Integration_Server_Denial_Of_Service
MS11-100_ASP_DotNet_Forms_Authentication_Bypass_Exploit
MS11-100_Insecure_Redirect_DotNET_Form_Authentication_Exploit
MS12-040_AX_ENTERPRISE_PORTAL_EXPLOIT
MS12-053_RDP_EXPLOIT
MS12-054-REMOTE_ADMIN_PROTOCOL_EXPLOIT
MS_ICS_DOS_EXPLOIT
MailSlot_Denial_Of_Service_Exploit
NVPDCT_TEST_FILE
Named-Tsig-Tsig0wn_Exploit
Named_Tsig-LucySoft_Exploit
Named_Tsig_Lsd_Exploit
PHPBB_HIGHLIGHT_PARAM_EXPLOIT
POP3_USER_FORMAT_STRING_ATTEMPT_EXPLOIT
POP3_USER_OVERFLOW_EXPLOIT_ATTEMPT
POPTOP_PPTP_NEGATIVE_READ_EXPLOIT               
Php_Blog_Torrent_Traversal_Exploit
Php_Minis_Traversal_Exploit
Php_Phpix_Traversal_Exploit
Php_Phptonuke_Traversal_Exploit
Php_Pntresmailer_Traversal_Exploit
Php_Qwikiwiki_Traversal_Exploit
Php_Simple_Php_Blog_Traversal_Exploit
Php_Viewpage_Disclosure_Exploit
Php_Xoops_Incontent_Traversal_Exploit
Php_autohtml_traversal_exploit
Php_directory_php_exploit
Php_pmachine_exploit
Php_shoutbox_traversal_exploit
PlatinumFTPv1.0.18_DoS_Exploit
PlatinumFTPv1.0.18_Mkdir_Exploit
PlatinumFTPv1.0.18_Rename_Exploit
PlatinumFTPv1.0.18_Username_Exploit
PlatinumFTPv1.0.6_DoS_Exploit
QuickTime_RTSP_Exploit                     
REALSERVER_DESCRIBE_EXPLOIT
RPC_Memory_Alloc_Dos_Exploit
SAMBAR_CROSS_SITE_SCRIPTING_EXPLOIT
SAMBAR_DIRECTORY_TRAVERSAL_AND_DIRECT_FILE_ACCESS_EXPLOIT
SERV-U_FTPD_MDTM_EXPLOIT
SUBVERSION_DATE_SVNSERVE_EXPLOIT
SUNOS_TELNETD_EXPLOIT   
Samba_Frag_Reassembly_Exploit
Sambar6_Search_Results_Exploit
Serv-U_5.2_Stou_Aux_Exploit
Serv-U_5.2_Stou_Com1_Exploit
Serv-U_5.2_Stou_Lpt1_Exploit
Serv-U_5.2_Stou_Prn_Exploit
Squid_NTLM_Authentication_Helper_Exploit
TRENDMICRO_VE_CODE_INJECTION_ATTACK
TRILLIAN_MSN_MODULE_EXPLOIT
UNREAL_TOURNAMENT_2004_EXPLOIT
WAR-FTPD_1.65_PASS_EXPLOIT
Webhints_Open_Exploit
Xml_Rpc_Exploit
eFTPv2.0.7.337_List_Exploit
glFtpD_Site_ZipChk_Exploit
wu-ftpd2.4.2_CwdMkd_Exploit
wu-ftpd2.4.2_CwdPwd_Exploit
wu-ftpd2.6.0_uname_Exploit
wu-ftpd2.6.2.5_cat_Exploit
wu-ftpd2x_Mkd_Exploit
wu-ftpd2x_SiteExec_Exploit

-----------------------------------------------
Malware with Specific Exploit
-----------------------------------------------

BKDR_AGENT.BD
BKDR_AGENT.BZ
BKDR_ALVGUS.B
BKDR_AMANDA.A
BKDR_ASYLUM.11
BKDR_BACKAGE.E
BKDR_BASICHEL.10
BKDR_BDDT.A
BKDR_BLACKCORE.A
BKDR_BLKANGEL.13
BKDR_BREACHPRO.D
BKDR_BSHTRML.A
BKDR_BUGS.A
BKDR_CAFEINI.A
BKDR_CELINE.A
BKDR_CERO.A
BKDR_CHEESER.A
BKDR_CHUPA.A
BKDR_CIADOOR.122
BKDR_COMMANDO.A
BKDR_CONNECT.A
BKDR_CONTOTAL.A
BKDR_CRACKDOWN.A
BKDR_CRAZYNET.A
BKDR_CYN.101
BKDR_DANTON.21
BKDR_DANTON.C
BKDR_DCI.A
BKDR_DEEPTHROT.B
BKDR_DOLY.16
BKDR_DOLY15.A
BKDR_DRAT.130A
BKDR_DSOURCE.A
BKDR_DTR.142
BKDR_DUDDIE.20
BKDR_DUDDIE.31
BKDR_DUDDIE.32
BKDR_ECLYPSE.A
BKDR_EGGBOT.C
BKDR_EXECUTOR.A
BKDR_EXPLOIT.10
BKDR_FDOOR.08
BKDR_FORCEDENT.A
BKDR_FORE.A
BKDR_FRENZY.A
BKDR_GATECRASH.A
BKDR_GF.13
BKDR_GHOST.22
BKDR_GLACIER.A
BKDR_GSPOT.15
BKDR_HELLD.A
BKDR_HELLZADD.12
BKDR_HONSTCON.25
BKDR_HVRAT.5312
BKDR_IGLOO.B
BKDR_INCOM.10
BKDR_INCOM.14
BKDR_INFECTOR.13
BKDR_INFRA.A
BKDR_INSANE.A
BKDR_INSANE1.A
BKDR_INTRUDER.10
BKDR_INTRUZZO.A
BKDR_INVD.A
BKDR_KIDT.A
BKDR_LAME
BKDR_LAST2000
BKDR_MANTIS.10
BKDR_MASAKER11.A
BKDR_MATRIX.A
BKDR_MILL.A
BKDR_MINICOM.10
BKDR_MNEAH.10
BKDR_MOONPIE.13B
BKDR_MOSUCK.10
BKDR_MOSUCK.11
BKDR_MOSUCK.20
BKDR_NETBUS.153
BKDR_NETBUS.170
BKDR_NETBUS.20B
BKDR_NETBUS.BR
BKDR_NETRAIDER.A
BKDR_NETSPHERE.C
BKDR_NETSPY.20B
BKDR_NETTAXI.18
BKDR_NOKNOK.60
BKDR_NOKNOK.A
BKDR_NTCONTROL.A
BKDR_OBLIVION.A
BKDR_OBLIVION.B
BKDR_PCINVADER.A
BKDR_PHASE.10
BKDR_PHOENIX.A
BKDR_PRAYER.12
BKDR_PRIORITY.A
BKDR_PRJNEXT.A
BKDR_PROSIAK
BKDR_PROSIAK.47
BKDR_PSYCHWARD.B
BKDR_R3C.B
BKDR_RATHEAD.A
BKDR_RBT.A
BKDR_REMREV.10B
BKDR_REMREV.15
BKDR_REVENGE.520
BKDR_ROOTBEER.A
BKDR_ROXRAT.10.A
BKDR_RULER.A
BKDR_RVISE.A
BKDR_SATAN.B
BKDR_SCHNECK10.A
BKDR_SHAH.10.A
BKDR_THING.10
BKDR_TRON.A
BKDR_UEXPLAIN.A
BKDR_ULLYSSE.A
BKDR_ULTOR.A
BKDR_VAMPIRE.12
BKDR_VB.AP
BKDR_WANMOTE.30A
BKDR_WARHOME.A
BKDR_WINCRASH.A
BKDR_WINCRASH.B
BKDR_WINMITE.10
BKDR_XANADU.A
BKDR_XLOG.221
BKDR_YAT.302
BKDR_YAT.A
PE_NIMDA.A-WEB_SERVER_FOLDER_TRAVERSAL
PE_XPAJ.C
TROJ_ACIDBAT
TROJ_BUTTMAN.A
TROJ_NETTERO
TROJ_ROLARK.A-WEBDAV
TROJ_ZBOT-HTTP_POST_REQUEST
WORM_AGOBOT.AFQ
WORM_AGOBOT.AIW
WORM_AGOBOT.AJM
WORM_AGOBOT.AJP
WORM_AGOBOT.AJQ
WORM_AGOBOT.AJW
WORM_AGOBOT.AJX
WORM_AGOBOT.CAD
WORM_AGOBOT.GEN-WEBDAV
WORM_BROPIA.A
WORM_BROPIA.B
WORM_BROPIA.C
WORM_BROPIA.D
WORM_BROPIA.E
WORM_BROPIA.F
WORM_BROPIA.G
WORM_BROPIA.H
WORM_BROPIA.I
WORM_BROPIA.J
WORM_BROPIA.N
WORM_CODBOT.A
WORM_CODBOT.B
WORM_CODBOT.E
WORM_CODBOT.F
WORM_CODBOT.J
WORM_DOWNAD.AD
WORM_FATSO.A
WORM_KELVIR.B
WORM_KELVIR.L
WORM_KELVIR.N
WORM_KELVIR.O
WORM_MORTO.SMA
WORM_MYDOOM.BE
WORM_PREX.A
WORM_RBOT.ALR
WORM_RBOT.ALV
WORM_RBOT.AOV
WORM_RINBOT.G
WORM_RINBOT.H
WORM_SDBOT.A0G
WORM_SDBOT.AJK
WORM_SDBOT.ANS
WORM_SDBOT.ANW
WORM_SDBOT.ANX
WORM_SDBOT.APH
WORM_SDBOT.AUL
WORM_SDBOT.AUO
WORM_SDBOT.BLL
WORM_SPYBOT.AFD
WORM_STUXNET_SMB_P2P
WORM_VERFUN.A
WORM_VOBFUS.SMA
WORM_WOOTBOT.GA
WORM_WOOTBOT.GE
WORM_WOOTBOT.GH


----------------------------------------------
NETWORK Malwares (GENERIC)
-----------------------------------------------

CODERED.A
GENERIC_BOT_ACTIVITY_POST
GENERIC_BOT_ACTIVITY_UPLOAD
WORM_SQLP1434.A
WORM_WITTY.A


-----------------------------------------------
Mass-Mailer Malware
-----------------------------------------------

WORM_BAGLE.BE
WORM_MYTOB.MX
WORM_SOBER.AC
WORM_SOBER.AG


-----------------------------------------------
Dropped Malware
-----------------------------------------------



-----------------------------------------------------------------------------
         Copyright 2004-2013  Trend Micro, Inc. All rights reserved.
-----------------------------------------------------------------------------

寒山竹语
Posted on 2015-1-3 09:42:40 from mobile
How does Trend Micro manage to build these signatures... could this also just be an index?
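尘梦幽然
Original poster | Posted on 2015-1-3 10:07:46
寒山竹语 posted on 2015-1-3 09:42
How does Trend Micro manage to build these signatures... could this also just be an index?


That can't be it. Even for a big name like Norton, this kind of thing wouldn't be very large; it's usually stored locally.
What's also interesting is that the release time zone for this one is GMT+8!!!
The release time zone for other patterns is usually GMT-8.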
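寒山竹语
Posted on 2015-1-3 10:13:06 from mobile
尘梦幽然 posted on 2015-1-3 10:07
That can't be it. Even for a big name like Norton, this kind of thing wouldn't be very large; it's usually stored locally.
What's also interesting is that ...

Too few experts can explain the real reason... My biggest regret about Trend Micro right now is that its sample intake speed is only average; I'm fairly satisfied with everything else.
P.S.: Are you saying it was made by Chinese people? Haha...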
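尘梦幽然
Original poster | Posted on 2015-1-3 10:15:06
寒山竹语 posted on 2015-1-3 10:13
Too few experts can explain the real reason... My biggest regret about Trend Micro right now is that its sample intake speed is only average; I'm fairly satisfied with everything else.
P.S.: ...

Not necessarily.
For GMT+8 I can think of three places: mainland China, Taiwan, or the Philippines.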
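寒山竹语
Posted on 2015-1-3 10:21:25 from mobile
This post was last edited by 寒山竹语 on 2015-1-3 10:22
尘梦幽然 posted on 2015-1-3 10:15
Not necessarily.
For GMT+8 I can think of three places: mainland China, Taiwan, or the Philippines.


Then it's the Philippines...
That said, I've basically lost hope in the mainland. Especially now, under this kind of high pressure, it accomplishes even less.
And besides, if things continue like this, the 铁壳 consumer edition may be the first to fall.
Then again, no matter what Trend Micro does, it's doomed on Kafan! There is only one way to make Trend Micro popular: drop web reputation completely, and it will definitely take off.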
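尘梦幽然
Original poster | Posted on 2015-1-3 10:23:35
寒山竹语 posted on 2015-1-3 10:21
Then it's the Philippines...
That said, I've basically lost hope in the mainland. Especially now, under this kind of high pressure, it accomplishes even less.
And besides ...

I think the Simplified Chinese consumer edition of Trend Micro might as well be merged into the enterprise edition's cloud... It would save costs and improve reliability.
As for who goes under and who doesn't, that has little to do with me. As long as Trend Micro's enterprise edition can still make money in China, it has to keep collecting local Chinese virus samples, so there's no need to worry too much.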
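寒山竹语
Posted on 2015-1-3 10:26:02 from mobile
尘梦幽然 posted on 2015-1-3 10:23
I think the Simplified Chinese consumer edition of Trend Micro might as well be merged into the enterprise edition's cloud... It would save costs and improve reliability.
As for who goes under and who doesn't, that ...

If keygens weren't so rampant, a merger would be possible... As things stand, it's more likely to be abused to death...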
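尘梦幽然
Original poster | Posted on 2015-1-3 10:28:14
寒山竹语 posted on 2015-1-3 10:26
If keygens weren't so rampant, a merger would be possible... As things stand, it's more likely to be abused to death...


Still, as of now the 8.0 Simplified Chinese edition really has improved quite a bit; they did put some thought into it...
But I just don't understand why they suddenly took pity on the consumer edition.
So I think it's probably heading toward a merger into the enterprise cloud.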
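寒山竹语
Posted on 2015-1-3 10:30:49 from mobile
尘梦幽然 posted on 2015-1-3 10:28
Still, as of now the 8.0 Simplified Chinese edition really has improved quite a bit; they did put some thought into it...
But I just don't understand why they suddenly took pity ...

Given the current situation, what can the 2016 version do? Apart from routine engine optimization, the most likely thing is various optimizations to the various pattern files, right? New technology is really unlikely to appear...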