Worm:Win32/Pykspa.A

Forum for completed malware requests.
Post Reply
korczyn
Posts: 14
Joined: Wed Jan 19, 2011 2:41 pm

Worm:Win32/Pykspa.A

Post by korczyn » Wed Mar 23, 2011 5:13 pm

Hi,

I would like to ask if someone has a sample of Worm.Skipi.g

other aliases by threatexpert:
* Worm.Skipi.g [PCTools]
* Worm.Win32.Skipi.g [Kaspersky Lab]
* Mal/Behav-043, Mal/Behav-103 [Sophos]
* PWS:Win32/Phorex.A [Microsoft]

more info:
http://www.threatexpert.com/report.aspx ... ee3b563424
http://support.clean-mx.de/clean-mx/md5 ... 32/Skipi.g

md5: b6b1985142e4ad9846d3ffee3b563424

...by the use of md5 I found potential malicious links in the database:
http://honeywhales.com/malware_samples/list ...but no longer available

I'd like to observe the behaviour of automatically messaging my Skype contacts from my Skype name and offers them the malicious download link.

Thanks!

User avatar
Meriadoc
Posts: 195
Joined: Sat Mar 13, 2010 7:36 pm
Location: Cymru

Re: Malware Requests

Post by Meriadoc » Thu Mar 24, 2011 9:29 am

Hello,

I have two Worm.Win32.Skipi.b in collection
a worm that sends instant-messages on behalf of a user logged into Skype
md5 : ED6BB008B67AF3BC5D388AB0C16F5DC1
md5 : 8527F1C84E0E137A9A3111CE40014F9C

HTH
You do not have the required permissions to view the files attached to this post.
Who controls the past controls the future
Who controls the present controls the past

korczyn
Posts: 14
Joined: Wed Jan 19, 2011 2:41 pm

Re: Malware Requests

Post by korczyn » Fri Mar 25, 2011 7:46 am

Meriadoc wrote: I have two Worm.Win32.Skipi.b in collection
a worm that sends instant-messages on behalf of a user logged into Skype
Thanks a lot! That's what I was searching for!

Blender
Posts: 1
Joined: Sat Aug 21, 2010 12:33 am

Re: Malware Requests

Post by Blender » Sat Mar 26, 2011 12:07 pm

Careful with those --

md5 : ED6BB008B67AF3BC5D388AB0C16F5DC1

My AV tags it as Virut (which is a file infector for those that don't know)

User avatar
Meriadoc
Posts: 195
Joined: Sat Mar 13, 2010 7:36 pm
Location: Cymru

Re: Malware Requests

Post by Meriadoc » Sat Mar 26, 2011 1:38 pm

korczyn wrote:Thanks a lot! That's what I was searching for!
(Glad to help...)I'm not scouting for points but if we keep thanks in this thread to private message or Rep. point it will keep things nice and tidy :)
Blender wrote:Careful with those --

md5 : ED6BB008B67AF3BC5D388AB0C16F5DC1

My AV tags it as Virut (which is a file infector for those that don't know)
VT - http://www.virustotal.com/file-scan/rep ... 1301142839

Hi Blender welcome, concern duly noted but please see the rules on page 1.
1. This thread is only for requests and sharing. If you want to discuss specified malware...start new thread.
Mods. hope I never overstepped the mark :)
Who controls the past controls the future
Who controls the present controls the past

Post Reply