.cpl malware

Forum for analysis and discussion about malware.
TheExecuter
Posts: 25
Joined: Sat Aug 10, 2013 5:02 pm

.cpl malware

Post by TheExecuter » Sat Sep 07, 2013 1:24 pm

packed
https://mega.co.nz/#!VtFBECRL!d6UyRRbsp ... TJZmfhmJ7Y
BB65652E97234E6F8429A0025D5C1E0B
dump_1
https://mega.co.nz/#!VllEXbxb!MaJApRs3T ... ZZ0J_-L2qg
C45A03C6C3D6372E1865668EE6059C92

What is this? If anyone can shed some light.

TheExecuter
Posts: 25
Joined: Sat Aug 10, 2013 5:02 pm

.cpl malware

Post by TheExecuter » Sat Sep 07, 2013 6:43 pm

The attached malware is in .cpl form.
Changed to .dll so no one accidentally opens it.
Can anyone shed some light on what exactly this is?

EP_X0FF
Global Moderator
Posts: 4872
Joined: Sun Mar 07, 2010 5:35 am
Location: Russian Federation

Re: .cpl malware

Post by EP_X0FF » Mon Sep 09, 2013 2:48 am

Assume it is a sort of script-kiddie downloader. Lots of VCL and other CodeGear crap runtime inside, including a ZipForge component to unpack this (link hardcoded) hxxp://www.4shared.com/download/zc6pAtza/new.zip, which is unavailable.
Ring0 - the source of inspiration

TheExecuter
Posts: 25
Joined: Sat Aug 10, 2013 5:02 pm

Re: .cpl malware

Post by TheExecuter » Mon Sep 09, 2013 5:00 pm

Seems trash then.
Even I found new.zip unavailable, but I thought it was more than a downloader. =|
The guy who sent it to me said it's meant to be ATS. O_O
Trash please.
