This version of Stinger includes detection for all known variants including: - BackDoor-ALI
- BackDoor-AQJ
- BackDoor-AQJ.b
- BackDoor-CEB
- BackDoor-CEB!bat
- BackDoor-CEB!hosts
- BackDoor-CEB.b
- BackDoor-CEB.c
- BackDoor-CEB.d
- BackDoor-CEB.dll
- BackDoor-CEB.dr
- BackDoor-CEB.e
- BackDoor-CEB.f
- BackDoor-CEB.sys
- BackDoor-CFB
- BackDoor-JZ
- BackDoor-JZ.dam
- BackDoor-JZ.dr
- BackDoor-JZ.gen
- BackDoor-JZ.gen.b
- Bat/Mumu.worm
- Downloader-DN.a
- Downloader-DN.b
- Exploit-DcomRpc
- Exploit-DcomRpc.b
- Exploit-DcomRpc.dll
- Exploit-Lsass
- Exploit-Lsass.dll
- Exploit-MS04-011
- Exploit-MS04-011.gen
- HideWindow
- HideWindow.dll
- IPCScan
- IRC/Flood.ap
- IRC/Flood.ap.bat
- IRC/Flood.ap.dr
- IRC/Flood.bi
- IRC/Flood.bi.dr
- IRC/Flood.cd
- NTServiceLoader
- ProcKill
- PWS-Narod
- PWS-Narod.dll
- PWS-Narod.gen
- PWS-Sincom
- PWS-Sincom.dll
- PWS-Sincom.dr
- W32/Anig.worm
- W32/Anig.worm.dll
- W32/Bagle
- W32/Bagle!eml.gen
- W32/Bagle!pwdzip
- W32/Bagle.ad!src
- W32/Bagle.dldr
- W32/Bagle.dll.dr
- W32/Bagle.eml
- W32/Bagle.fb!pwdzip
- W32/Bagle.fc!pwdzip
- W32/Bagle.fd!pwdzip
- W32/Bagle.fe!pwdzip
- W32/Bagle.fm.dldr
- W32/Bagle.gen
- W32/Bagle@MM!cpl
- W32/Blaster.worm
- W32/Blaster.worm.k
- W32/Bropia.worm
- W32/Bugbear
- W32/Bugbear.a.dam
- W32/Bugbear.b!data
- W32/Bugbear.b.dam
- W32/Bugbear.gen@MM
- W32/Bugbear.h@MM
- W32/Bugbear@MM
- W32/Deborm.worm.ah
- W32/Doomjuice.worm
- W32/Dumaru
- W32/Dumaru.ad@MM
- W32/Dumaru.al.dll
- W32/Dumaru.dll
- W32/Dumaru.eml
- W32/Dumaru.gen
- W32/Dumaru.gen@MM
- W32/Dumaru.w.gen
- W32/Elkern.cav
- W32/Elkern.cav.c
- W32/Elkern.cav.c.dam
- W32/Fizzer
- W32/Fizzer.dll
- W32/FunLove
- W32/FunLove.apd
- W32/Gaobot.worm
- W32/Harwig.worm
- W32/IRCbot
- W32/IRCbot.worm
- W32/IRCbot.worm.dll
- W32/Klez
- W32/Klez.dam
- W32/Klez.eml
- W32/Klez.gen.b@MM
- W32/Klez.rar
- W32/Korgo.worm
- W32/Lirva
- W32/Lirva.c.htm
- W32/Lirva.eml
- W32/Lirva.htm
- W32/Lirva.txt
- W32/Lovgate
- W32/Mimail
- W32/Mimail.c@MM
- W32/Mimail.c@MM
- W32/Mimail.i!data
- W32/Mimail.q@MM
- W32/MoFei.worm
- W32/MoFei.worm.dr
- W32/Mumu.b.worm
- W32/Mydoom
- W32/Mydoom!bat
- W32/Mydoom!ftp
- W32/Mydoom.b!hosts
- W32/Mydoom.dam
- W32/Mydoom.t.dll
- W32/Mytob
- W32/Mytob.gen@MM
- W32/Mytob.worm
- W32/MyWife
- W32/MyWife.dll
- W32/MyWife@MM
- W32/Nachi!tftpd
- W32/Nachi.worm
- W32/Netsky
- W32/Netsky.af@MM
- W32/Nimda
- W32/Nimda.dam
- W32/Nimda.eml
- W32/Nimda.gen@MM
- W32/Nimda.htm
- W32/Pate
- W32/Pate!dam
- W32/Pate.dam
- W32/Pate.dr
- W32/Polip
- W32/Polip!mem
- W32/Polybot
- W32/Polybot.bat
- W32/Sasser.worm
- W32/Sasser.worm!ftp
- W32/Sdbot
- W32/Sdbot!irc
- W32/Sdbot.bat
- W32/Sdbot.cli
- W32/Sdbot.dll
- W32/Sdbot.dr
- W32/Sdbot.worm
- W32/Sdbot.worm!ftp
- W32/Sdbot.worm.bat.b
- W32/Sdbot.worm.dr
- W32/Sdbot.worm.gen
- W32/Sdbot.worm.gen.a
- W32/Sdbot.worm.gen.b
- W32/Sdbot.worm.gen.c
- W32/Sdbot.worm.gen.d
- W32/Sdbot.worm.gen.e
- W32/Sdbot.worm.gen.q
- W32/Sober
- W32/Sober!data
- W32/Sober.dam
- W32/Sober.eml
- W32/Sober.f.dam
- W32/Sober.g.dam
- W32/Sober.q!spam
- W32/Sober.r.dr
- W32/Sober.r@MM
- W32/Sobig
- W32/Sobig.dam
- W32/Sobig.eml
- W32/Sobig.f.dam
- W32/Sobig.gen@MM
- W32/Spybot.worm
- W32/SQLSlammer.worm
- W32/Swen
- W32/Swen@MM
- W32/Yaha.eml
- W32/Yaha.gen@MM
- W32/Yaha.y@MM
- W32/Yaha@MM
- W32/Zafi
- W32/Zafi.b.dam
- W32/Zindos.worm
- W32/Zotob.worm
- W32/Zotob.worm!host
Enhanced detections are those that have been modified for this release. Detections are enhanced to cover new variants, optimize performance, and correct incorrect identifications.
New Detections:- FakeAlert-Rena.bk
- FakeAlert-Rena.bl
- Generic Downloader.ko
- Generic FakeAlert.gg.gen.a
Enhanced Detections:
- Downloader-BMN.gen.f
- FakeAlert-Rena.bh
- FakeAlert-SecurityTool.bt
- FakeAlert-SysDef.b
- Generic Downloader.io
- Generic Downloader.kp
- Generic FakeAlert.ama
- W32/Autorun.worm.aabc
- W32/Autorun.worm.g
- W32/Autorun.worm.g!0BE8F32E
|