A forum for reverse engineering, OS internals and malware analysis 

Forum for completed malware requests.
 #28190  by leeno
 Sun Apr 03, 2016 2:11 pm
Hi Guys,

I am trying to get Varpes (Microsoft detection) samples. Unfortunately, Microsoft lacks details about these new detections, which use !cl at the end of the name. I don't know what this !cl stands for in the Microsoft name.

MS reference Details

Name : Trojan:Win32/Varpes.I!cl
MS Details : https://www.microsoft.com/security/port ... arpes.I!cl

Name : Trojan:Win32/Varpes.C!cl
MS Details : https://www.microsoft.com/security/port ... arpes.A!cl

Name : Trojan:Win32/Varpes.C!cl
MS Details : https://www.microsoft.com/security/port ... arpes.C!cl

Name : Trojan:Win32/Varpes.H!cl
MS Details : https://www.microsoft.com/security/port ... arpes.H!cl

Name : Trojan:Win32/Varpes.G!cl
MS Details : https://www.microsoft.com/security/port ... arpes.G!cl


Guys, your help on this will be highly appreciated.

Warm Regards

Leeno
 #28395  by geoffreyvdb
 Mon Apr 25, 2016 9:22 am
leeno wrote:
Hi Guys,

I am trying to get Varpes (Microsoft detection) samples. Unfortunately, Microsoft lacks details about these new detections, which use !cl at the end of the name. I don't know what this !cl stands for in the Microsoft name.

MS reference Details

Name : Trojan:Win32/Varpes.I!cl
MS Details : https://www.microsoft.com/security/port ... arpes.I!cl

Name : Trojan:Win32/Varpes.C!cl
MS Details : https://www.microsoft.com/security/port ... arpes.A!cl

Name : Trojan:Win32/Varpes.C!cl
MS Details : https://www.microsoft.com/security/port ... arpes.C!cl

Name : Trojan:Win32/Varpes.H!cl
MS Details : https://www.microsoft.com/security/port ... arpes.H!cl

Name : Trojan:Win32/Varpes.G!cl
MS Details : https://www.microsoft.com/security/port ... arpes.G!cl


Guys, your help on this will be highly appreciated.

Warm Regards

Leeno

You might already be aware of this, but you can find the Microsoft malware naming convention at the following link: https://www.microsoft.com/security/port ... aming.aspx

The !cl suffix is not in there, however; perhaps it was written in Lisp?
Blog post about Varpes: http://malwarefixes.com/threats/trojanwin32varpes-kcl/

I don't have any samples, sorry.