Analysis of Conficker C
Phillip Porras, Hassen Saidi, and Vinod Yegneswaran from SRI has publicly posted an excellent overview of the Conficker malware. They even have a great analysis of the C variant as well. I highly recommend reading this excellent work.
"Conficker is one of a new interesting breed of self-updating worms that has drawn much attention recently from those who track malware. In fact, if you have been operating Internet honeynets recently, Conficker has been one very difficult malware to avoid. In the last few months this worm has relentlessly pushed all other infection agents out of the way, as it has infiltrated nearly every Windows 2K and XP honeypot that we have placed out on the Internet. From late November through December 2008 we recorded more than 13,000 Conficker infections within our honeynet, and surveyed more than 1.5 million infected IP addresses from 206 countries."