14.01.2018

The Big Zeus Family Similarity Showdown

Dear followers of this blog, I wish you a happy new year!

About a month ago, I launched my latest project: Malpedia (slides here).
Since the launch, we have grown by about 350 users and have a stable average of 10 proposals/contributions per day. I hope that Malpedia will become a really useful resource for malware research over time!

This blog post shall serve as a demonstration of what you can do with this malware corpus.
Over the last couple of days, I have taken all dumps for versions of Zeus-related families and created a similarity matrix for them, using IDA Pro and BinDiff.

It looks like this:

Screenshot of "The Big Zeus Family Similarity Showdown"

Because I want to update this document over time, I have decided to host it on a dedicated page over at pnx.tf instead of using this blog. Over there, you can find more info on the families included and the methodology I used in order to create it.

1 comment:

  1. Great approach :) - is there a possibility to get the scripts for calculating the similarity?
