Tag: Waldek Trojan

seevu.net Waldek Trojan Hosted In (Netherlands Dronten Disk Group Ltd.)


Behaviours 1 Attempts connections to suspicious countries 2 Automatically unpack its own code 3 Creates hook to unknown module 4 Injects code into other processes 5 Makes DNS lookup of recently registered domain 6 Runs existing executable Dns Lookup seevu.net siloovoox.net Sample here : hxxp://www.datafilehost.com/d/384b8efc Hosting Infos : http://whois.domaintools.com/