
Another excellent article!
If you look at the SecureWorks threat analysis, these guyz 0wn Windows architectures in no time. Weird, all their toolsets seem to target Windows systems and Microsoft software running on them, except for some other middleware.
I really do not like how Dell provide file names / domains / IP addresses to try and help mitigate your risk; these are all subject to change, without notice! rofl
Scary stuff, guyz. I do hope you have a few honeypots in your datacenter, along with strong filesystem integrity measures. Note that they can hide their DLLs anywhere on the path, under any name of their choice.
Ports, IP addresses, domain names, user agent strings (rofl), file names, etc. will change.