Chinese Trojan Downloader

From July to now, we have collected lots of Chinese backdoor samples from a special source.

Sometimes they are encrypted, so they need a loader to download and decrypt them.

We’re very lucky to get the full source code of this backdoor family (including source code, server module, client module and payload builder), so it’s easier for us to create signatures.

Here is a downloader sample.

X-Sec Antivirus 1.1.1.0 Released!

X-Sec Antivirus 1.1.1.0 Release Note

ADDED

  • Now X-Sec Antivirus can scan more types of file
  • Detection for a new type of encoded backdoor payload
  • Now X-Sec Antivirus GUI and X-Sec Antivirus Updater require admin privilege

IMPROVED

  • Optimize memory usage during scan
  • Optimize script identification logic

MODULE UPDATE

  • X-Sec CommandLine Scanner updated to 1.3.1.0
  • X-Sec Antivirus Updater updated to 1.0.1.2
  • XSec_FC.dll updated to 1.0.1.0
  • XSec_FI.dll updated to 1.0.2.0
  • XSec_HE.dll updated to 1.0.4.0
  • XSec_STK.dll updated to 1.0.3.0

Users must update to this version; otherwise you will no longer be able to use Cloud Engine.

X-Sec Antivirus 1.1.0.0 Released!

X-Sec Antivirus 1.1.0.0 Release Note

ADDED

  • Local digital signature database
  • Heuristic Engine for phishing PDFs

IMPROVED

  • Improve scan speed
  • Optimize script identification logic
  • Optimize code

FIXED

  • Minor bug in version 1.0.3.1

MODULE UPDATE

  • X-Sec CommandLine Scanner updated to 1.3.0.0
  • X-Sec Antivirus Updater updated to 1.0.1.1
  • XSec_CS.dll updated to 1.0.0.6
  • XSec_FI.dll updated to 1.0.1.6
  • XSec_HE.dll updated to 1.0.3.0
  • XSec_STK.dll updated to 1.0.2.4

Users must update to this version; otherwise you will no longer be able to use Cloud Engine.