SECWAY SARL
10, rue des Lampes
92190 MEUDON
Analysis of a binary found on a compromised system
The
Name | Title | Phone | email | Approval |
Grégoire Sirou | Security consultant | (removed) | | |
Nicolas Dubée | Security consultant | (removed) | |
The attached documents (all of them making “the report”) describe the methods and results of the analysis of a binary found by the
Analysis of this binary was delegated by the
The work documented in this report was performed by Grégoire Sirou and Nicolas Dubée from
The customer will find in the report the following documents:
- Index.html, this document, cover page for the whole report.
Author : Nicolas Dubée
Last edited : XXX
MD5 sum : (none available)
- Summary.html, a non-technical summary of the work done, explaining the key aspects of the binary, how it works, the threats it poses, and how to detect and defend against it.
Author : Nicolas Dubée
Last edited : XXX
MD5 sum : XXX
- Advisory.html, a technical document providing technical responses to the questions mentioned above.
Author : Nicolas Dubée
Last edited : XXX
MD5 sum : XXX
- Method.html, a technical document describing methods and tools we used to come to this report.
Authors : Grégoire Sirou, Nicolas Dubée
Last edited : XXX
MD5 sum : XXX
- Answers.html, answers to a set of questions the customer was looking for.
Author : Nicolas Dubée
Last edited : XXX
MD5 sum : XXX
- Costs.html, cost estimate of the incident.
Author : Nicolas Dubée
Last edited : XXX
MD5 sum : XXX
- log2c.pl, a tool to convert log files to C arrays
Author : Grégoire Sirou
Last edited : XXX
MD5 sum : XXX
- decoder.c, a tool to decrypt backdoor traffic
Author : Grégoire Sirou
Last edited : XXX
MD5 sum : XXX