这是什么样的签名???? [英] What Kind Of Signature Is This????

问题描述

我正在网上搜索，发现了一些有趣的病毒签名代码，但我不知道它是哪种签名(例如哈希)


这是一些签名..

xa8K4afnOXXJLgXu1t/tKO/TE3B5cbQh9uZnP/12d7s = Backdoor.IRC.Besik.b
kRnht2GuaUHuw + QtOnmTStX7EYfcQAtYd + NLdPDxg4g = IRC-Worm.IRC.Simpsalapim.a
obYNsN1IIZe5HnGhlcBkxQMoogBLvw55UsRu + nlFbLE = Backdoor.IRC.Digarix.a


我知道这不是crc32，但也许是哈希值?或.........

请指教..

I was searching the net and found some interesting signature codes that belong to viruses but I have no idea what kind of signature it is (Ex. hash)


here are some of the signatures..

xa8K4afnOXXJLgXu1t/tKO/TE3B5cbQh9uZnP/12d7s=Backdoor.IRC.Besik.b
kRnht2GuaUHuw+QtOnmTStX7EYfcQAtYd+NLdPDxg4g=IRC-Worm.IRC.Simpsalapim.a
obYNsN1IIZe5HnGhlcBkxQMoogBLvw55UsRu+nlFbLE=Backdoor.IRC.Digarix.a


I know this is not crc32 but maybe its hash? or.........

please advise..

thank you in advance!

推荐答案

是的，它们很可能是哈希字符串，有时是base64编码的字符串.通过在可执行代码中标识唯一的二进制代码片段，然后从这些唯一的数据生成哈希值，然后将其用于识别病毒，可以使用它们来识别病毒.

Yeah, they are most likely hash strings, sometimes base64 encoded strings. They are used to identify viruses by identifying a unique piece of binary code in the executable code, and then generating a hash from this unique data that can then be used to identify the virus.

它看起来与病毒有关.

这可以给您更具体的想法:

http://www.sophos.com/security/analyses/viruses-and-spyware/trojaladinzb.html [ ^ ]

http://www.spywareterminator.com/item/28019/IRC--WormIRCSimpsalapimn.html [ ^ ]

http://www.sunbeltsecurity.com/ThreatDisplay.aspx? name = Backdoor.IRC.Besik& tid = 4261731& cs = F6A16FABA692754E56763E68C7809720 [

It looks like related to viruses.

This can give you more concrete idea:

http://www.sophos.com/security/analyses/viruses-and-spyware/trojaladinzb.html[^]

http://www.spywareterminator.com/item/28019/IRC--WormIRCSimpsalapimn.html[^]

http://www.sunbeltsecurity.com/ThreatDisplay.aspx?name=Backdoor.IRC.Besik&tid=4261731&cs=F6A16FABA692754E56763E68C7809720[^]

—SA

这篇关于这是什么样的签名????的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！