A forum for reverse engineering, OS internals and malware analysis 

Forum for analysis and discussion about malware.
 #13525  by 360Tencent
 Wed May 30, 2012 12:03 am
http://blog.trendmicro.com/flame-malwar ... landscape/

http://www.securelist.com/en/blog/20819 ... eetleJuice

http://blog.damballa.com/?p=1663
There is of course some debate starting about the first detection of Flamer. Given the malware’s size and number of constituent components it shouldn’t be surprising to hear that some pieces of it may have been detected as far back as March 1st 2010 – such as the file “~ZFF042.TMP” (also seen as MSSECMGR.OCX and 07568402.TMP) – analyzed by Webroot and attributed to a system in Iran.
https://www.prevx.com/filenames/X835863 ... 2.TMP.html
 #13532  by kmd
 Wed May 30, 2012 11:36 am
Image

:lol:
 #13537  by rkhunter
 Wed May 30, 2012 12:59 pm
EP_X0FF wrote: So myth about undetectable for years deployment ruined. Awaiting entertainment posts at securelist.
Seems it can't tell that it was targeted to some country except it saw it before...