• There is NO official Otland's Discord server and NO official Otland's server list. The Otland's Staff does not manage any Discord server or server list. Moderators or administrator of any Discord server or server lists have NO connection to the Otland's Staff. Do not get scammed!

What is this for code?

Cornex

Web Developer
Staff member
Global Moderator
Joined
Jun 15, 2008
Messages
3,444
Solutions
6
Reaction score
1,170
Location
Sweden
I saw an interesting artice today, they have get the code from the new trojan "Duqu"

But the russian researchers can not identify what type of code this is, so i would post it here.
Can be nice to hear what you guys think about this.

NOTE: I will post the artice down under the code, i just translate it from swedish to english lal :)

The Code:

O7Pv4v.png


Russian scientists try to analyze the malicious computer worm Duqu have reached an impasse. Parts of the program code is written in a language that they can not identify.

Duqu upptäktes in september 2011 and is considered to have links with the Trojan horse Stuxnet which include knocking out control of the Iranian nuclear reprocessing plant for uranium at Natanz.

Scientists are now trying to analyze Diqu work at the Russian anti-virus firm Kaspersky Lab. The assignment comes from an unnamed businesses affected by the new virus.

In a blog describing Igor Soumenkov from Kaspersky Lab's work to identify the previously unknown programming language used in some of Duqu.

What is known about Duqu is that it collects data on the affected system and the suspicion is that the "spies" will use this information to then construct Stuxnetliknande program to sabotage these systems.

To the Russian researchers to conduct a full analysis of Duqu do they have to gain more knowledge which is hindered by an unfamiliar programming language used.

That they do so may depend on several different things. The language can be a brand new exclusively developed for programming Duqu.

But it can also be a highly specialized language that might be used by a small group of scientists anywhere in the world. In this case, the Russians hope that they make themselves known now that the issue has been published.

The Russian Virus researchers also have theories about why different languages ​​have been used for Duqu. One reason may be to make it harder to analyze.

But it may also be that the virus is programmed by different groups in which one of them simply used the language they normally use for others might completely legitimate data.

Most of Duqu is written in C + + and compiled with Microsoft Visual C + +2008. But the unknown language is not compiled with the tool, the researchers noted. They also ruled that such ObjectiveC, Java, Python, Ada or Lua has been used.

Anyone wishing to help with the identification of the unknown language can read this press release.

The comments on the blog are various guesses about the unknown code.

What do you think?
 
as lua is a language itself, they got a pretty dush part on the language that is used for the function. Since Compare_func overweights the normal compare; and each other -func since its expmained a lil more(due to Div rules class 1) 20% of the code is actually not taking place which makes me think that this is not a knock out script but actually more a spy. It looks for value in scripts and programms. Cant actually be the reason it knocked down. beside the fact that the iranias might have installed a protec so theyre programs crash asap theyre in progress of beeign spied
 
Back
Top