关于.exe中开发人员的嵌入式信息? [英] Embedded Info About Developer in .exe?

问题描述

大家好，你好

我对Stuxnet病毒感兴趣.我正在阅读它，我想知道赛门铁克如何从已编译的可执行文件中提取信息. Windows .exe的编译器是否在其中嵌入了有关开发人员的信息?假设开发人员PC的名称为"Jim-PC"，帐户为"Jim"，编译器(例如Visual Studio 2008)是否将该信息嵌入到.exe中? .exe中是否有关于开发人员的小参考? (当然，除了程序集信息之外)

Hello, Everyone

I have taken an interest in the Stuxnet virus. I was reading about it and I wondered how Symantec extracted information from the compiled executable. Does a compiler for Windows .exe''s embed information about the developer in it? Say the developer PC''s name is ''Jim-PC'' and the account is ''Jim'', does the compiler (Visual Studio 2008 for instance) embed that info into the .exe? Are there small references in the .exe about the developer? (Apart from assembly info, of course)

推荐答案

他们从Stuxnet二进制文件中获得的唯一东西是带有特定构建时间戳的dll.显然，这很容易被伪造.除此之外，他们还使用原始IP和早期检测来尝试找出可能来自感染的来源.有很多基于社会逆向工程的研究和ISP日志的解析.再说一次，很多也是猜测.

The only thing they had from the Stuxnet binary was a dll with a specific build time-stamp on it. Obviously that could easily have been faked. Other than that they use originating IPs and early detections to try and trace out from where the infection may have originated. There is a lot of social reverse engineering based research and parsing of ISP logs. And then again, a lot of it is speculation too.

这篇关于关于.exe中开发人员的嵌入式信息?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！