Request for examples of mixed virus-worm-trojan malware

[I?igo Koch]

Hi everyone,

I am currently preparing a paper about malware.
I would appreciate very much examples of mixed malware entities, i.e.
showing at the same time features of viruses, worms, trojans, adware,
spyware, etc...

I am already gathering this information, but, having the possibility
to get a large feedback with only one post here, why not take
advantage?


Thanks in advance for your answers,


Iñigo Koch
(e-mail address removed)

 

[Jack the Bear]

Hi everyone,

I am currently preparing a paper about malware.
I would appreciate very much examples of mixed malware entities, i.e.
showing at the same time features of viruses, worms, trojans, adware,
spyware, etc...

I am already gathering this information, but, having the possibility
to get a large feedback with only one post here, why not take
advantage?


Thanks in advance for your answers,


Iñigo Koch
(e-mail address removed)

These should give enough info to keep you busy for several years:

http://www.symantec.com/avcenter/vinfodb.html
http://www3.ca.com/virusinfo/browse.aspx
http://vil.nai.com/vil/default.asp

- J.

 

[kurt wismer]

Hi everyone,

I am currently preparing a paper about malware.
I would appreciate very much examples of mixed malware entities, i.e.
showing at the same time features of viruses, worms, trojans, adware,
spyware, etc...

I am already gathering this information, but, having the possibility
to get a large feedback with only one post here, why not take
advantage?

there are lots of examples to choose from... klez.e/klez.h
(http://www.f-secure.com/v-descs/klez_e.shtml)
for instance is an email worm, a network share enumerating worm, and a
file infector (companion infection scheme)...

melissa (http://www.f-secure.com/v-descs/melissa.shtml) is an email
worm, a macro virus, and a data diddler (it inserted unwanted data into
affected documents)...

 

[FromTheRafters]

Hi everyone,

I am currently preparing a paper about malware.
I would appreciate very much examples of mixed malware entities, i.e.
showing at the same time features of viruses, worms, trojans, adware,
spyware, etc...

Virus, worm, and trojan ~ Hybris fits the bill.
In fact the keyholder could conceiveably add spyware and
adware functionality.

Klez.h has worm, virus, trojan, and virus dropper functionality.

The fact is, it is much harder these days to find an entity that doesn't
have mixed features.

I am already gathering this information, but, having the possibility
to get a large feedback with only one post here, why not take
advantage?

Good luck with your paper.

 

[Guest]

Hi everyone,

I am currently preparing a paper about malware.
I would appreciate very much examples of mixed malware entities, i.e.
showing at the same time features of viruses, worms, trojans, adware,
spyware, etc...

I am already gathering this information, but, having the possibility
to get a large feedback with only one post here, why not take
advantage?


Thanks in advance for your answers,


Iñigo Koch
(e-mail address removed)

I get a lot of ongoing information about combined threats from CERT
and SANS.
http://www.cert.org/
http://isc.sans.org/index.html?type=0

 

[I?igo Koch]

These should give enough info to keep you busy for several years:

http://www.symantec.com/avcenter/vinfodb.html
http://www3.ca.com/virusinfo/browse.aspx
http://vil.nai.com/vil/default.asp

- J.

Sure enough if I wanted virus/worm info, but what I am looking for is
specific cases in which, due to their features, it is difficult to
tell whether the entities are viruses, worms, etc.

Iñigo Koch
(e-mail address removed)

 

[kurt wismer]

I?igo Koch wrote:
[snip]

Sure enough if I wanted virus/worm info, but what I am looking for is
specific cases in which, due to their features, it is difficult to
tell whether the entities are viruses, worms, etc.

difficult to tell? that's not exactly what you asked before... before
you asked for examples of hybrids... there's no added complexity in
determining whether a hybrid can be classified a worm or a virus, the
only real difference is that a hybrid can be classified as both...

 

[Gabriele Neukam]

On that special day, kurt wismer, ([email protected]) said...

melissa (http://www.f-secure.com/v-descs/melissa.shtml) is an email
worm, a macro virus, and a data diddler (it inserted unwanted data into
affected documents)...

And Sircam made an art out of copying documents of all kinds.


Gabriele Neukam

(e-mail address removed)

 

[FromTheRafters]

Sure enough if I wanted virus/worm info, but what I am looking for is
specific cases in which, due to their features, it is difficult to
tell whether the entities are viruses, worms, etc.

First, you settle on what definitions you want to use for these entities.
Then you can look at Klez.h to see how your definitions' hold up.

If you start out with "trojans don't replicate" or some such you
will probably find yourself lost. Something like "viruses infect
programs" makes you ask if the OS is considered a "program"
when considering worms.

IMO Klez.h has all of the criteria stated in the subject line of
this thread.

 

[BoB]

Coolwebsearch

 

[I?igo Koch]

On that special day, ...

Why special?


;-)

 

[Tosis]

amen. This darned thing, mixed with a funlove variant and spaces.1445 kept me
irritated far beyond most infections I can remember. Thankfully, it wasn't any
of my personal workstations...