Digitally signed malware

Forum for analysis and discussion about malware.
360Tencent
Posts: 116
Joined: Thu Dec 15, 2011 12:47 pm

Re: Digitally signed malware

Post by 360Tencent » Sun May 26, 2013 5:37 am

PWS


https://www.virustotal.com/en/file/d75b ... 369546079/

SHA256: d75b07eced87360e8753c4f312f59075a0bb6a42c5075a57b53b92355727d16b
SHA1: 43dd86e050d7d287ce4990e74582b3344bfdcc6c
MD5: 35f63590d1dd5bf6423f527b22584bc4
35f63590d1dd5bf6423f527b22584bc4.7z
hxxp://jjso.net:88/
hxxp://jjso.net:88/1
hxxp://jjso.net:88/2
hxxp://jjso.net:88/3
hxxp://jjso.net:88/4
hxxp://jjso.net:88/ceshi
hxxp://jjso.net:88/D_mt
hxxp://jjso.net:88/D_xp
hxxp://jjso.net:88/jjso
hxxp://jjso.net:88/jp
hxxp://jjso.net:88/l0
hxxp://jjso.net:88/l0_1
hxxp://jjso.net:88/l1
hxxp://jjso.net:88/l1_1
hxxp://jjso.net:88/l1_T.jpg
hxxp://jjso.net:88/l2
hxxp://jjso.net:88/l2_T.doc
hxxp://jjso.net:88/l3
hxxp://jjso.net:88/l4
hxxp://jjso.net:88/l4_T.jpg
hxxp://jjso.net:88/liwei.jpg
hxxp://jjso.net:88/mt
hxxp://jjso.net:88/mt1
hxxp://jjso.net:88/mt2
hxxp://jjso.net:88/mt3
hxxp://jjso.net:88/mt3_T.jpg
hxxp://jjso.net:88/px.jpg
hxxp://jjso.net:88/xp.jpg
...
Capture.PNG
You do not have the required permissions to view the files attached to this post.

User avatar
Xylitol
Global Moderator
Posts: 1661
Joined: Sat Apr 10, 2010 5:54 pm
Location: Seireitei, Soul Society
Contact:

Re: Digitally signed malware

Post by Xylitol » Fri Jun 28, 2013 11:08 pm

You do not have the required permissions to view the files attached to this post.

User avatar
hx1997
Posts: 101
Joined: Sat Apr 07, 2012 12:16 am

Re: Digitally signed malware

Post by hx1997 » Wed Jul 03, 2013 2:55 am

Sendspace is sending (targeted?) malware
http://www.reddit.com/r/netsec/comments ... d_malware/

It's adware. VT 8/47
https://www.virustotal.com/en/file/7565 ... 372819428/

Malware download page
捕获3.png
Note that you need to check the "sendspace accelerator" checkbox to download this adware.
You do not have the required permissions to view the files attached to this post.

markusg
Posts: 730
Joined: Mon Mar 15, 2010 2:53 pm

Re: Digitally signed malware

Post by markusg » Thu Mar 23, 2017 7:54 am

SHA256:
81fdbf04f3d0d9a85e0fbb092e257a2dda14c5d783f1c8bf3bc41038e0a78688
Dateiname:
asus-sor-u5-drayver.exe
Erkennungsrate:
12 / 61
https://virustotal.com/de/file/81fdbf04 ... /analysis/
You do not have the required permissions to view the files attached to this post.

markusg
Posts: 730
Joined: Mon Mar 15, 2010 2:53 pm

Re: Digitally signed malware

Post by markusg » Fri Jun 09, 2017 5:10 pm

some sort of adware i think
SHA256:
db1de97c7287fe26063a5b3306e7df331d1e2c6e5e0f3e1e2c979bbad8aba91d
Dateiname:
pci_input_device_driver_windows_7_download.exe
Erkennungsrate:
11 / 60
https://virustotal.com/de/file/db1de97c ... 497026285/
You do not have the required permissions to view the files attached to this post.

Post Reply