Saturday, November 5, 2011

Duqu Analysis & Detection Tool Released

NSS engineers have developed a scanning tool that can be used to detect all DuQu drivers installed on a system. This tool was developed in the hopes that additional drivers can be discovered to allow us to learn more about the functionality, capabilities and ultimate purpose of DuQu

Based on layout of the drivers discovered so far, the NSS tool is capable of detecting 100% of drivers with zero false positives. Because it is using advanced pattern recognition techniques, it is also capable of detecting new drivers as they are discovered. Two new drivers were discovered after the tool was completed, and both were detected by the NSS tool with no updates required. (Duqu Analysis & Detection Tool Released : via)

Download Analysis & Detection Tool : https://github.com
Source Analysis & Detection Tool : http://www.nsslabs.com

No comments: