[32个赞]0.1M能做什么？！趋势网络攻击特征库显神威

尘梦幽然

101.86K能做什么？对于一个杀毒软件而言，可能最常想到的就是本地MD5云查杀缓存了吧...可是就算是云查杀缓存，也没有这么小的啊？
看好了，趋势大法告诉你，只要101.86K就能存下针对507种网络攻击特征（包括对某一类型，比如bot网络）的检测规则！
有了这样可怕的整合能力，趋势有身材堪称迷你的病毒码也就不足为奇啦。

----------------------------------------------------------------------------
                                 Trend  Micro
                       New Network Virus Pattern Release
-----------------------------------------------------------------------------

Pattern: 10335
Release: Created to detect CVE-2014-6321 UDP DTLS SCHANNEL exploit attempts. The number of bytes that can pass through the nextwork should be 28 bytes.
Notes: CVE-2014-6321-UDP_DTLS_SCHANNEL_EXPLOIT

                                                                          
December 05, 2014, 06:40:30 PM (GMT +08:00)



-----------------------------------------------------------------------------
New Detection:
-----------------------------------------------------------------------------

There is/are [1] new addition to the pattern file.
Please refer to the list below for all detail of the name(s).

CVE-2014-6321-UDP_DTLS_SCHANNEL_EXPLOIT


-----------------------------------------------------------------------------
Network Virus Pattern Modified:
-----------------------------------------------------------------------------


-----------------------------------------------------------------------------
Network Virus Pattern Name Changed:
-----------------------------------------------------------------------------

Old Name                                                New Name
--------------                                          --------------




Exploits Detected by the Current Pattern
-----------------------------------------------
Exploit
-----------------------------------------------

APACHE_PHP_EXE_EXPLOIT
AWSTATS_CONFIGDIR_EXPLOIT
Allaire_ColdFusion5.0_Exploit
Allaire_JRunv.3.1a_Exploit
Allaire_JRunv.3.1b_Exploit
Apache1.3.24_Chunked_Exploit
Apache1.3.24_Chunked_scalp_Exploit
Apache_Chunked_Encoding_Exploit
AppleFileServer_LoginExt_Exploit
ArGoSoft_v1.4.1.4_SiteCopy_Exploit
ArGoSoft_v1.4.1.4_SiteUnzip_Exploit
ArGoSoft_v1.4.1.4_SiteZip_Exploit
ArGoSoft_v1.4.1.4_SiteZipstorm_Exploit
ArGoSoft_v1.4.2.8_Delete_Exploit
Awstats_Rawlog_Logfile_Exploit
BadBlue_v2.55_mfcisapicommand_Exploit
CGI_ALCHEMY_EXPLOIT
CGI_HOMEFREE_SEARCH_TRAVERSAL_EXPLOIT
CGI_IMAGEFOLIO_TRAVERSAL_EXPLOIT
CGI_TECHNOTE_DIRECTORY_TRAVERSAL_EXPLOIT
CGI_YABB_CROSSSITE_EXPLOIT
CVE-2007-1070_SERVERPROTECT_EXPLOIT
CVE-2011-0654_BROWSER_ELECTION_EXPLOIT
CVE-2012-0002_Remote_Desktop_Protocol_Exploit
CVE-2012-0017_MICROSOFT_SHAREPOINT_EXPLOIT
CVE-2012-0145_MICROSOFT_SHAREPOINT_EXPLOIT
CVE-2012-0779_OBJECT_TYPE_CONFUSION
CVE-2012-1851-PRINT_SPOOLER_SERVICE_EXPLOIT
CVE-2012-1859_SHAREPOINT_EXPLOIT
CVE-2012-1863_SHAREPOINT_EXPLOIT
CVE-2012-4774-WINDOWS_FILENAME_PARSING_EXPLOIT
CVE-2013-0005_OPEN_DATA_PROTOCOL_EXPLOIT
CVE-2013-0010_SCOM_XSS_EXPLOIT
CVE-2013-1305-HTTP_DENIAL_OF_SERVICE_VULNERABILITY
CVE-2013-0081-SHAREPOINT_SERVER_HTTP_EXPLOIT_ATTEMPT
CVE-2013-3180-SHAREPOINT_POST_XSS_EXPLOIT
CVE-2013-3895-SHAREPOINT_EDITFORM_XSS_EXPLOIT
CVE-2014-6271-SHELLSHOCK_REQUEST
CVE-2014-6321-UDP_DTLS_SCHANNEL_EXPLOIT
Cgi_A1stats_Traversal_Exploit
Cgi_AT_Zml_Exploit
Cgi_Agora_CrossSite_Exploit
Cgi_Anacondaclip_Traversal_Exploit
Cgi_Apache1.3.23_bat_copy_Exploit
Cgi_Apache1.3.23_bat_dir_Exploit
Cgi_Apache1.3.23_bat_echo_Exploit
Cgi_Apache2.0.39_Traversal_Exploit
Cgi_Apache_Backslash_Traversal_Exploit
Cgi_Auktion_Traversal_Exploit
Cgi_Bizdb_Remote_Execution_Exploit
Cgi_Brio_Unix_Traversal_Exploit
Cgi_Cart32v3.0_Pswd_Exploit
Cgi_Cart32v3.0_clientlist_Exploit
Cgi_Cart32v3.0_expdate_Exploit
Cgi_Cgiforum_Traversal_Exploit
Cgi_Cis_Commerce_Traversal_Exploit
Cgi_Cssearch_Remote_Execution_Exploit
Cgi_Dbman_Disclosure_Exploit
Cgi_Eboard_Traversal_Exploit
Cgi_Empower_Disclosure_Exploit
Cgi_FileParse_cmd_Exploit
Cgi_FileParse_dir_Exploit
Cgi_FileParse_exedir_Exploit
Cgi_Forum_Icq_CrossSite_Exploit
Cgi_Genindexpage_Traversal_Exploit
Cgi_Get32_Remote_Execution_Exploit
Cgi_Gotopage_Traversal_Exploit
Cgi_Hylafax_Faxsurvey_passwd_Exploit
Cgi_Infosrch_Remote_Execution_Exploit
Cgi_LW_WebBlog_Remote_Execution_Exploit
Cgi_Ldaccgi_Traversal_Exploit
Cgi_Ldap_Traversal_Exploit
Cgi_Linuxstat_Traversal_Exploit
Cgi_Master_Index_Traversal_Exploit
Cgi_Mathsum_Mscgi_Exploit
Cgi_Mmstdod_Exploit
Cgi_Mrtg_Traversal_Exploit
Cgi_Multihtml_Disclosure_Exploit
Cgi_Nbmember_Disclosure_Exploit
Cgi_Ncbook_Remote_Execution_Exploit
Cgi_Neocgi_Traversal_Exploit
Cgi_Nph_Test_Disclosure_Exploit
Cgi_Ows_Bin_Exploit
Cgi_Pollit_Disclosure_Exploit
Cgi_Psunami_Remote_Execution_Exploit
Cgi_Rot13sj_Disclosure_Exploit
Cgi_Sambar_Batch_Remote_Execution_Exploit
Cgi_Shopping_Index_Traversal_Exploit
Cgi_Squid_CacheMgr_Exploit
Cgi_TA_Store_Traversal_Exploit
Cgi_Tstbat_Remote_Execution_Exploit
Cgi_Unicode_Traversal_copy_Exploit
Cgi_Unicode_Traversal_echo_Exploit
Cgi_Unicode_Traversal_msadc_Exploit
Cgi_Unicode_Traversal_script_Exploit
Cgi_VW_Ftpsave_Csp_Exploit
Cgi_Wayboard_Exploit
Cgi_Webapps_Traversal_Exploit
Cgi_Webboard_Traversal_Exploit
Cgi_Webcart_Remote_Execution_Exploit
Cgi_Webdist_Remote_Execution_Exploit
Cgi_Webpals_Exploit
Cgi_Webtop_Traversal_Exploit
Cgi_ads_command_exploit
Cgi_anaconda_traversal_exploit
Cgi_cached_feed_traversal_exploit
Cgi_directorypro_exploit
Cgi_extropia_traversal_exploit
Cgi_formhandler_traversal
Cgi_hyperseek_exploit
Cgi_iisadmpwd_WebTraversal_Exploit
Cgi_sojourn_exploit
Cgi_storypl_exploit
Cgi_ttawebtop_exploit
Cgi_viewsource_exploit
Cgi_webplus_exploit
Cgi_webspirs_traversal_exploit
Cgi_wwwboard_passwd_exploit
Cisco_IOS_Http_Server_Authentication_Exploit
CrystalFTPProv2.8_Exploit
DISTCC_DAEMON_EXPLOIT
FRONTPAGE2000_SERVER_EXTENSIONS_DOS_EXPLOIT
FRONTPAGE_FOURDOTS_EXPLOIT
FTP_USER_OVERFLOW_ATTEMPT_EXPLOIT
Ftp_Netterm_dele_Exploit
Ftp_Netterm_dir_Exploit
Ftp_Netterm_ls_Exploit
GuildFTPv0.99.2_Sizedot_Exploit
HTTP_SYSIE_REQUEST
Http_Count_Pl_Traversal_Exploit
Http_Double_Percent_Exploit
Http_Kebi_Academy_Traversal_Exploit
Http_Lotus_Domino_Traversal_Exploit
Http_Myserver_Traversal_Exploit
Http_Netbasic_Ss_Traversal_Exploit
Http_Oc_Dsl_812_Exploit
Http_Oracle_Lib_Exploit
Http_Perl_Traversal_Exploit
Http_Php_Strings_Exploit
Http_Privatepy_Traversal_Exploit
Http_Pweb_Isapi_Exploit
Http_Tomcat_Traversal_Exploit
Http_visadmin_exploit
Http_vw_catinfo_exploit
IA_WEBMAIL_SERVER_3.X_EXPLOIT                  
IIS_W3WHO_DLL_EXPLOIT
IMail_LDAP_Service_Exploit
ISS_Pam.dll_ICQ_Parser_Exploit
KINGVIEW_SCADA_HMI_HEAP_OVERFLOW_EXPLOIT
MERCANTEC_SOFTCART_CGI_EXPLOIT
MS00-006_Malformed_Highlight_Arg_Exploit
MS00-028_SERVERSIDE_IMAGE_MAP_COMPONENTS_EXPLOIT
MS01-023_ISAPI_EXTENSION_EXPLOIT
MS01-026_FTP_WILDCARD_DOS_EXPLOIT
MS010-024_SMTP_SERVER_MX_RECORD_EXPLOIT
MS010-025_MEDIA_SERVICES_BUFFER_OVERFLOW_EXPLOIT
MS010-054_SMB_POOL_OVERFLOW_EXPLOIT
MS010-065_DIRECTORY_AUTHENTICATION_BYPASS_EXPLOIT
MS010-065_DIRECTORY_AUTHENTICATION_BYPASS_EXPLOIT      
MS02-056_SQL_HELLO_EXPLOIT
MS03-001_RPC_LOCATOR_EXPLOIT
MS03-007_WEBDAV_NTDLL_EXPLOIT
MS03-022_NSIISLOG_ISAPI_EXPLOIT
MS03-026_RPC_DCOM_EXPLOIT
MS03-026_RPC_DCOM_REMACT_EXPLOIT
MS03-043_MESSENGER_SERVICE_EXPLOIT
MS03-046_EXCHANGE_2000_HEAP_EXPLOIT            
MS03-049_WORKSTATION_SERVICE_EXPLOIT            
MS03-051_FRONTPAGE_SERVER_EXTENSION_EXPLOIT     
MS04-007_ASN.1_EXPLOIT                     
MS04-011_LSASS_EXPLOIT
MS04-011_SSL_PCT_EXPLOIT
MS04-011_SSL_PCT_EXPLOIT                        
MS04-017_CRYSTAL_REPORTS_WEB_VIEWER_EXPLOIT     
MS04-030_WEBDAV_XML_MESSAGE_HANDLER_EXPLOIT     
MS04-031_NETDDE_EXPLOIT
MS04-036_NNTP_XPAT_EXPLOIT
MS04-042_DHCP_EXPLOIT
MS04-045_WINS_EXPLOIT
MS05-003_INDEXING_SERVICE_EXPLOIT               
MS05-005_MICROSOFT_OFFICE_XP_BUFFER_OVERFLOW_EXPLOIT
MS05-005_OfficeXP_BufferOverflow_Exploit
MS05-010_LICENSE_LOGGING_SERVICE_EXPLOIT
MS05-011_SMB_Client_Transaction_Response_Exploit
MS05-015_Hyperlink_Object_Library_Exploit
MS05-017_Msmq_Exploit
MS05-021_MSExchange_X-LINK2STATE_Exploit
MS05-030_NNTP_Outlook_Express_News_Reading_Exploit
MS05-039_Plug_And_Play_Remote_Exploit
MS05-041_Remote_Desktop_Protocol_Dos_Exploit
MS05-043_Print_Spooler_Exploit
MS05-044_Internet_Explorer_FTP_Folder_Shell_Extention_Exploit
MS05-046_Client_Services_For_Netware_Exploit
MS05-047_Plug_And_Play_Remote_Exploit
MS05-051_MSDTC_Service_Exploit
MS06-008_Web_Client_Service_Exploit
MS06-018_MSDTC_Service_Exploit
MS06-019_MS_Exchange_Exploit
MS06-025_Routing_and_Remote_Access_Exploit
MS06-035_SERVER_SERVICE_EXPLOIT
MS06-040_Server_Service_Buffer_Overrun_Exploit
MS06-041_DNS_Client_Buffer_Overrun_Exploit
MS06-053_Indexing_Service_CSS_Exploit
MS06-066_Netware_Client_Service_Memory_Corruption_Exploit
MS06-066_Netware_Driver_DOS_Exploit
MS06-070_WORKSTATION_SERVICE_EXPLOIT
MS07-003_MICROSOFT_OUTLOOK_VEVENT_EXPLOIT
MS07-016_FTP_Server_Response_Exploit
MS07-017_WINDOWS_ANIMATED_CURSOR_EXPLOIT
MS07-018_CMS_MEMORY_CORRUPTION_EXPLOIT   
MS07-018_CMS_XSS_EXPLOIT                 
MS07-019_Universal_Plug_and_Play_exploit
MS07-026_IMAP_Literal_Processing_Exploit
MS07-029_WINDOWS_DNS_SERVER_RPC_EXPLOIT
MS07-054_MSN_Messenger_VideoChat_Exploit                 
MS07-058_NTLM_RPC_DOS_EXPLOIT                     
MS07-059_Sharepoint_Scripting_Exploit                    
MS07-065_MSMQ_RPC_EXPLOIT                     
MS07_039_Malformed_Ldap_SearchRequest_Exploit
MS08-063_BUFFER_UNDERFLOW_EXPLOIT
MS08-067_SERVER_SERVICE_REMOTE_EXECUTION_EXPLOIT
MS08-067_Server_Service_Remote_Execution_Exploit
MS09-001_SMB_BUFFER_OVERFLOW_EXPLOIT
MS09-001_SMB_VALIDATION_EXPLOIT
MS09-016_MS_ISA_CROSS_SITE_SCRIPTING_EXPLOIT
MS09-020_IIS_5.0_WEBDAV_AUTH_BYPASS_EXPLOIT
MS09-020_IIS_WEBDAV_AUTH_BYPASS_EXPLOIT
MS09-039_WINS_INTEGER_OVERFLOW_EXPLOIT
MS09-041_WORKSTATION_SERVICE_EXPLOIT
MS09-044_REMOTE_DESKTOP_PROTOCOL_HEAP_EXPLOIT
MS09-050_SMB2_DENIAL_OF_SERVICE_EXPLOIT
MS09-050_SMB_REMOTE_CODE_EXECUTION_EXPLOIT
MS09-053_FTP_IIS_DOS_EXPLOIT
MS09-053_IIS_FTPD_EXPLOIT
MS09-059_LSASS_DOS_EXPLOIT
MS09-063_WSDAPI_MIME_Denial_Of_Service
MS09-070_Active_Directory_Federation_Service_Exploit
MS10-006_SMB_CLIENT_REMOTE_CODE_EXECUTION_EXPLOIT
MS10-012_SMB_SERVER_REMOTE_CODE_EXECUTION_EXPLOIT
MS10-014_KERBEROS_DENIAL_OF_SERVICE_VULNERABILITY
MS10-061_PRINT_SPOOLER_SERVICE_IMPERSONATION_EXPLOIT
MS11-004_IIS_FTP_EXPLOIT
MS11-030_DNS_LLMNR_EXPLOIT
MS11-066_CHART_CONTROL_INFORMATION_DISCLOSURE
MS11-074_XSS_SHAREPOINT_CALENDAR_EXPLOIT
MS11-082_Host_Integration_Server_Denial_Of_Service
MS11-100_ASP_DotNet_Forms_Authentication_Bypass_Exploit
MS11-100_Insecure_Redirect_DotNET_Form_Authentication_Exploit
MS12-040_AX_ENTERPRISE_PORTAL_EXPLOIT
MS12-053_RDP_EXPLOIT
MS12-054-REMOTE_ADMIN_PROTOCOL_EXPLOIT
MS_ICS_DOS_EXPLOIT
MailSlot_Denial_Of_Service_Exploit
NVPDCT_TEST_FILE
Named-Tsig-Tsig0wn_Exploit
Named_Tsig-LucySoft_Exploit
Named_Tsig_Lsd_Exploit
PHPBB_HIGHLIGHT_PARAM_EXPLOIT
POP3_USER_FORMAT_STRING_ATTEMPT_EXPLOIT
POP3_USER_OVERFLOW_EXPLOIT_ATTEMPT
POPTOP_PPTP_NEGATIVE_READ_EXPLOIT               
Php_Blog_Torrent_Traversal_Exploit
Php_Minis_Traversal_Exploit
Php_Phpix_Traversal_Exploit
Php_Phptonuke_Traversal_Exploit
Php_Pntresmailer_Traversal_Exploit
Php_Qwikiwiki_Traversal_Exploit
Php_Simple_Php_Blog_Traversal_Exploit
Php_Viewpage_Disclosure_Exploit
Php_Xoops_Incontent_Traversal_Exploit
Php_autohtml_traversal_exploit
Php_directory_php_exploit
Php_pmachine_exploit
Php_shoutbox_traversal_exploit
PlatinumFTPv1.0.18_DoS_Exploit
PlatinumFTPv1.0.18_Mkdir_Exploit
PlatinumFTPv1.0.18_Rename_Exploit
PlatinumFTPv1.0.18_Username_Exploit
PlatinumFTPv1.0.6_DoS_Exploit
QuickTime_RTSP_Exploit                     
REALSERVER_DESCRIBE_EXPLOIT
RPC_Memory_Alloc_Dos_Exploit
SAMBAR_CROSS_SITE_SCRIPTING_EXPLOIT
SAMBAR_DIRECTORY_TRAVERSAL_AND_DIRECT_FILE_ACCESS_EXPLOIT
SERV-U_FTPD_MDTM_EXPLOIT
SUBVERSION_DATE_SVNSERVE_EXPLOIT
SUNOS_TELNETD_EXPLOIT   
Samba_Frag_Reassembly_Exploit
Sambar6_Search_Results_Exploit
Serv-U_5.2_Stou_Aux_Exploit
Serv-U_5.2_Stou_Com1_Exploit
Serv-U_5.2_Stou_Lpt1_Exploit
Serv-U_5.2_Stou_Prn_Exploit
Squid_NTLM_Authentication_Helper_Exploit
TRENDMICRO_VE_CODE_INJECTION_ATTACK
TRILLIAN_MSN_MODULE_EXPLOIT
UNREAL_TOURNAMENT_2004_EXPLOIT
WAR-FTPD_1.65_PASS_EXPLOIT
Webhints_Open_Exploit
Xml_Rpc_Exploit
eFTPv2.0.7.337_List_Exploit
glFtpD_Site_ZipChk_Exploit
wu-ftpd2.4.2_CwdMkd_Exploit
wu-ftpd2.4.2_CwdPwd_Exploit
wu-ftpd2.6.0_uname_Exploit
wu-ftpd2.6.2.5_cat_Exploit
wu-ftpd2x_Mkd_Exploit
wu-ftpd2x_SiteExec_Exploit

-----------------------------------------------
Malware with Specific Exploit
-----------------------------------------------

BKDR_AGENT.BD
BKDR_AGENT.BZ
BKDR_ALVGUS.B
BKDR_AMANDA.A
BKDR_ASYLUM.11
BKDR_BACKAGE.E
BKDR_BASICHEL.10
BKDR_BDDT.A
BKDR_BLACKCORE.A
BKDR_BLKANGEL.13
BKDR_BREACHPRO.D
BKDR_BSHTRML.A
BKDR_BUGS.A
BKDR_CAFEINI.A
BKDR_CELINE.A
BKDR_CERO.A
BKDR_CHEESER.A
BKDR_CHUPA.A
BKDR_CIADOOR.122
BKDR_COMMANDO.A
BKDR_CONNECT.A
BKDR_CONTOTAL.A
BKDR_CRACKDOWN.A
BKDR_CRAZYNET.A
BKDR_CYN.101
BKDR_DANTON.21
BKDR_DANTON.C
BKDR_DCI.A
BKDR_DEEPTHROT.B
BKDR_DOLY.16
BKDR_DOLY15.A
BKDR_DRAT.130A
BKDR_DSOURCE.A
BKDR_DTR.142
BKDR_DUDDIE.20
BKDR_DUDDIE.31
BKDR_DUDDIE.32
BKDR_ECLYPSE.A
BKDR_EGGBOT.C
BKDR_EXECUTOR.A
BKDR_EXPLOIT.10
BKDR_FDOOR.08
BKDR_FORCEDENT.A
BKDR_FORE.A
BKDR_FRENZY.A
BKDR_GATECRASH.A
BKDR_GF.13
BKDR_GHOST.22
BKDR_GLACIER.A
BKDR_GSPOT.15
BKDR_HELLD.A
BKDR_HELLZADD.12
BKDR_HONSTCON.25
BKDR_HVRAT.5312
BKDR_IGLOO.B
BKDR_INCOM.10
BKDR_INCOM.14
BKDR_INFECTOR.13
BKDR_INFRA.A
BKDR_INSANE.A
BKDR_INSANE1.A
BKDR_INTRUDER.10
BKDR_INTRUZZO.A
BKDR_INVD.A
BKDR_KIDT.A
BKDR_LAME
BKDR_LAST2000
BKDR_MANTIS.10
BKDR_MASAKER11.A
BKDR_MATRIX.A
BKDR_MILL.A
BKDR_MINICOM.10
BKDR_MNEAH.10
BKDR_MOONPIE.13B
BKDR_MOSUCK.10
BKDR_MOSUCK.11
BKDR_MOSUCK.20
BKDR_NETBUS.153
BKDR_NETBUS.170
BKDR_NETBUS.20B
BKDR_NETBUS.BR
BKDR_NETRAIDER.A
BKDR_NETSPHERE.C
BKDR_NETSPY.20B
BKDR_NETTAXI.18
BKDR_NOKNOK.60
BKDR_NOKNOK.A
BKDR_NTCONTROL.A
BKDR_OBLIVION.A
BKDR_OBLIVION.B
BKDR_PCINVADER.A
BKDR_PHASE.10
BKDR_PHOENIX.A
BKDR_PRAYER.12
BKDR_PRIORITY.A
BKDR_PRJNEXT.A
BKDR_PROSIAK
BKDR_PROSIAK.47
BKDR_PSYCHWARD.B
BKDR_R3C.B
BKDR_RATHEAD.A
BKDR_RBT.A
BKDR_REMREV.10B
BKDR_REMREV.15
BKDR_REVENGE.520
BKDR_ROOTBEER.A
BKDR_ROXRAT.10.A
BKDR_RULER.A
BKDR_RVISE.A
BKDR_SATAN.B
BKDR_SCHNECK10.A
BKDR_SHAH.10.A
BKDR_THING.10
BKDR_TRON.A
BKDR_UEXPLAIN.A
BKDR_ULLYSSE.A
BKDR_ULTOR.A
BKDR_VAMPIRE.12
BKDR_VB.AP
BKDR_WANMOTE.30A
BKDR_WARHOME.A
BKDR_WINCRASH.A
BKDR_WINCRASH.B
BKDR_WINMITE.10
BKDR_XANADU.A
BKDR_XLOG.221
BKDR_YAT.302
BKDR_YAT.A
PE_NIMDA.A-WEB_SERVER_FOLDER_TRAVERSAL
PE_XPAJ.C
TROJ_ACIDBAT
TROJ_BUTTMAN.A
TROJ_NETTERO
TROJ_ROLARK.A-WEBDAV
TROJ_ZBOT-HTTP_POST_REQUEST
WORM_AGOBOT.AFQ
WORM_AGOBOT.AIW
WORM_AGOBOT.AJM
WORM_AGOBOT.AJP
WORM_AGOBOT.AJQ
WORM_AGOBOT.AJW
WORM_AGOBOT.AJX
WORM_AGOBOT.CAD
WORM_AGOBOT.GEN-WEBDAV
WORM_BROPIA.A
WORM_BROPIA.B
WORM_BROPIA.C
WORM_BROPIA.D
WORM_BROPIA.E
WORM_BROPIA.F
WORM_BROPIA.G
WORM_BROPIA.H
WORM_BROPIA.I
WORM_BROPIA.J
WORM_BROPIA.N
WORM_CODBOT.A
WORM_CODBOT.B
WORM_CODBOT.E
WORM_CODBOT.F
WORM_CODBOT.J
WORM_DOWNAD.AD
WORM_FATSO.A
WORM_KELVIR.B
WORM_KELVIR.L
WORM_KELVIR.N
WORM_KELVIR.O
WORM_MORTO.SMA
WORM_MYDOOM.BE
WORM_PREX.A
WORM_RBOT.ALR
WORM_RBOT.ALV
WORM_RBOT.AOV
WORM_RINBOT.G
WORM_RINBOT.H
WORM_SDBOT.A0G
WORM_SDBOT.AJK
WORM_SDBOT.ANS
WORM_SDBOT.ANW
WORM_SDBOT.ANX
WORM_SDBOT.APH
WORM_SDBOT.AUL
WORM_SDBOT.AUO
WORM_SDBOT.BLL
WORM_SPYBOT.AFD
WORM_STUXNET_SMB_P2P
WORM_VERFUN.A
WORM_VOBFUS.SMA
WORM_WOOTBOT.GA
WORM_WOOTBOT.GE
WORM_WOOTBOT.GH


----------------------------------------------
NETWORK Malwares (GENERIC)
-----------------------------------------------

CODERED.A
GENERIC_BOT_ACTIVITY_POST
GENERIC_BOT_ACTIVITY_UPLOAD
WORM_SQLP1434.A
WORM_WITTY.A


-----------------------------------------------
Mass-Mailer Malware
-----------------------------------------------

WORM_BAGLE.BE
WORM_MYTOB.MX
WORM_SOBER.AC
WORM_SOBER.AG


-----------------------------------------------
Dropped Malware
-----------------------------------------------



-----------------------------------------------------------------------------
         Copyright 2004-2013  Trend Micro, Inc. All rights reserved.
-----------------------------------------------------------------------------

寒山竹语

趋势大法这特征是怎么搞得呢…莫非这个也是索引？

尘梦幽然

寒山竹语 发表于 2015-1-3 09:42
趋势大法这特征是怎么搞得呢…莫非这个也是索引？

不可能的吧，，这种东西就算是诺顿那样的大咖也不会大到哪去，一般都放本地的吧。
而且很有意思的是，这东西的发布时区是GMT+8！！！
其他Pattern的发布时区一般都是GMT-8的

寒山竹语

尘梦幽然 发表于 2015-1-3 10:07
不可能的吧，，这种东西就算是诺顿那样的大咖也不会大到哪去，一般都放本地的吧。
而且很有意思的是， ...

能解读真正原因的大神太少了……趋势目前令我最大遗憾的是样本入库速度一般，其余都是比较满意的。
Ps:你的意思是中国人做的？哈哈…

尘梦幽然

寒山竹语 发表于 2015-1-3 10:13
能解读真正原因的大神太少了……趋势目前令我最大遗憾的是样本入库速度一般，其余都是比较满意的。
Ps: ...

不一定吧。
GMT+8我能想到的有三个地方：中国大陆、台湾或者菲律宾。

寒山竹语

尘梦幽然 发表于 2015-1-3 10:15
不一定吧。
GMT+8我能想到的有三个地方：中国大陆、台湾或者菲律宾。

那就是菲律宾了…
话说我对大陆基本是持失望状态的。尤其目前在这种高压之下，更是碌碌无为了。
又话说照这样发展，铁壳个人版可能要第一个倒下去。
又说回来，趋势无论怎么做，在卡饭也是完蛋的！想让趋势火起来只有一个办法，那就是彻底放弃web信誉肯定能火

尘梦幽然

寒山竹语 发表于 2015-1-3 10:21
那就是菲律宾了…
话说我对大陆基本是持失望状态的。尤其目前在这种高压之下，更是碌碌无为了。
又话说 ...

我是觉得趋势简中个人版干脆并入企业版云好了...节省成本而且可以提高可靠性。
然后谁倒不倒，，这种事情和我没什么关系。反正趋势只要一天在中国企业版还能赚钱，就一天还得继续收集中国本土病毒样本，所以没必要太担心。

寒山竹语

尘梦幽然 发表于 2015-1-3 10:23
我是觉得趋势简中个人版干脆并入企业版云好了...节省成本而且可以提高可靠性。
然后谁倒不倒，，这种事 ...

如果注册机不这么疯狂，是有并入的可能……目前倒是有被玩死的可能…

尘梦幽然

寒山竹语 发表于 2015-1-3 10:26
如果注册机不这么疯狂，是有并入的可能……目前倒是有被玩死的可能…

不过现在来看8.0简中确实改善了不少，算是用了点心思...
但是我就是不明白为什么要突然对个人版大发慈悲呢？
所以我想应该是并入企业云的节奏

寒山竹语

尘梦幽然 发表于 2015-1-3 10:28
不过现在来看8.0简中确实改善了不少，算是用了点心思...
但是我就是不明白为什么要突然对个人版大发慈 ...

按照目前局势看，2016版本能做什么？除了例行的引擎优化外，最大可能应该是各种病毒码的各种优化问题吧？新技术压根不太可能出现的…