这是什么样的签名???? [英] What Kind Of Signature Is This????
问题描述
我正在网上搜索,发现了一些有趣的病毒签名代码,但我不知道它是哪种签名(例如哈希)
这是一些签名..
xa8K4afnOXXJLgXu1t/tKO/TE3B5cbQh9uZnP/12d7s = Backdoor.IRC.Besik.b
kRnht2GuaUHuw + QtOnmTStX7EYfcQAtYd + NLdPDxg4g = IRC-Worm.IRC.Simpsalapim.a
obYNsN1IIZe5HnGhlcBkxQMoogBLvw55UsRu + nlFbLE = Backdoor.IRC.Digarix.a
我知道这不是crc32,但也许是哈希值?或.........
请指教..
I was searching the net and found some interesting signature codes that belong to viruses but I have no idea what kind of signature it is (Ex. hash)
here are some of the signatures..
xa8K4afnOXXJLgXu1t/tKO/TE3B5cbQh9uZnP/12d7s=Backdoor.IRC.Besik.b
kRnht2GuaUHuw+QtOnmTStX7EYfcQAtYd+NLdPDxg4g=IRC-Worm.IRC.Simpsalapim.a
obYNsN1IIZe5HnGhlcBkxQMoogBLvw55UsRu+nlFbLE=Backdoor.IRC.Digarix.a
I know this is not crc32 but maybe its hash? or.........
please advise..
thank you in advance!
推荐答案
是的,它们很可能是哈希字符串,有时是base64编码的字符串.通过在可执行代码中标识唯一的二进制代码片段,然后从这些唯一的数据生成哈希值,然后将其用于识别病毒,可以使用它们来识别病毒.
Yeah, they are most likely hash strings, sometimes base64 encoded strings. They are used to identify viruses by identifying a unique piece of binary code in the executable code, and then generating a hash from this unique data that can then be used to identify the virus.
它看起来与病毒有关.
这可以给您更具体的想法:
http://www.sophos.com/security/analyses/viruses-and-spyware/trojaladinzb.html [ ^ ]
http://www.spywareterminator.com/item/28019/IRC--WormIRCSimpsalapimn.html [ ^ ]
http://www.sunbeltsecurity.com/ThreatDisplay.aspx? name = Backdoor.IRC.Besik& tid = 4261731& cs = F6A16FABA692754E56763E68C7809720 [
It looks like related to viruses.
This can give you more concrete idea:
http://www.sophos.com/security/analyses/viruses-and-spyware/trojaladinzb.html[^]
http://www.spywareterminator.com/item/28019/IRC--WormIRCSimpsalapimn.html[^]
http://www.sunbeltsecurity.com/ThreatDisplay.aspx?name=Backdoor.IRC.Besik&tid=4261731&cs=F6A16FABA692754E56763E68C7809720[^]
—SA
这篇关于这是什么样的签名????的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!