History The worm was at first identified by the security company VirusBlokAda in mid-June Journalist Brian Krebs's blog posting on 15 July 2010 was the first widely read report on the worm. The original name given by VirusBlokAda was "Rootkit.Tmphider"; Symantec however called it "W32.Temphid", later changing to "W32.Stuxnet"
16 January 2011
7 Juillet 2013
5MB StuXnet
Design and organization Stuxnet is typically introduced to the target environment via an infected USB flash drive. %DriveLetter%\~WTR4132.tmp %DriveLetter%\~WTR4141.tmp %DriveLetter%\Copy of Shortcut to.lnk %DriveLetter%\Copy of Copy of Shortcut to.lnk %DriveLetter%\Copy of Copy of Copy of Shortcut to.lnk %DriveLetter%\Copy of Copy of Copy of Copy of Shortcut to.lnk LNK CVE
DD MDD Nigilant32 KnTDD Memoryze
Volatility
Trojan Dropper Win32/Stuxnet Trojan:WinNT/Stuxnet.A Trojan:WinNT/Stuxnet.B
Microsoft Microsoft Windows 2000 Windows 95 Windows 98 Windows Me Windows NT Windows Server 2003 Windows Vista Windows XP Operating systems vulnerable
Target
Vacon based in Finland
Fararo Paya based in Iran
PLC-BLASTER
References
Mohammad Reza Foshtanghi Stuxnet Malware Analysis Islamic Azad University Of Sabzevar 1395/1/28