Educause Security Discussion mailing list archives

Reverse Engineering a Bot


From: Adam Pridgen <adam.pridgen () THECOVEROFNIGHT COM>
Date: Fri, 22 Jan 2010 14:50:01 -0600

All -

I reverse engineered the Plague Bot from a sample that was acquired
from a university setting.  This is a (poorly constructed) IRC bot
that is based on open source malware, and at the time of analysis,
the bot was undetected.  Its capabilities include USB and other drive
infection using autorun, an MSN spreading mechanism, FF/IE password
stealing, along with some of the other usual goodies.  I have posted
the results of the analysis and the process I followed to reverse
engineer the binary.  The blog post is located here:
http://www.praetoriangrp.com/blog/.  Please let me know if you have
any questions.  Thanks,


-- Adam
