murofet

Murofet, Zeus++ or just Zeus 2.1?

The first one writing about this new threat was Marco Giuliani. So, Murofet or Zeus++?

Taking a look at a couple of samples we were able to identify:
- Same API hooks
- Same encryption routine for configuration file (RC4)
- Pretty much the same configuration file format

Syndicate content