|
Anyone know where i can find the virus?
The .exe attachment you get on emails is actually just a small trojan downloader which will download Cryptolocker and drop the destructive payload.
I want to sniff out where the trojan downloads cryptolocker and create a DNS loopback on our server.
EDIT: Nevermind, turns out DNS sink-holing attempts have failed. The downloader has a domain generating algorithm which creates and finds 1000 new locations (everyday) to download cryptolocker from. What a nightmare.
Last edited by killswitch; 06-11-2013 at 01:05 AM.
|