Dustbin Cook wrote:
> BugHunter v2.2e released December 20th, 2007
>
> 1. The code neutralizing routines can be turned off via a toggle
> inside the configuration file.
> 2. A few minor visual display changes/bugfixes.


A few days ago malicious malware author
Dustin Cook (aka Raid/[SLAM] virus
writing group) was found out to be
concealing an obscured signature in
his Bug**** malware tool; this was to
hide the presence of the UPX packer
(a trick used by malicious malware
authors to evade AV detection).

Does anyone wonder what Dustbin is
hiding in version 2.2e of his crapware?
Why don't you save running it until
the 25th of December, that's the
traditional time of year for flashing
BIOS.

The signature in question was 0xDCFCBCCD
and was discovered by ACV regular "Ant" just
prior to a disassembly of the suspicious
file.


For more details about Raid/[SLAM]

http://fourq.host.sk/chars/Dustin_Cook/
&
http://fourq.host.sk/INFO/Nirodh_Cook/



4Q