Win32/Zeus (alias Zbot)
Re: Trojan Zeus (alias ZBot)
- Aleksandra
- Posts: 79
- Joined: Sun Jun 05, 2011 9:34 pm
Re: Trojan Zeus (alias ZBot)
Re: Trojan Zeus (alias ZBot)
19 samples, observed over the last few days
Re: Trojan Zeus (alias ZBot)
17 droppers in archive
Re: Trojan Zeus (alias ZBot)
ZBot collection, observed over the last three months: http://narod.ru/disk/43976718001.6c9f15 ... t.zip.html
Unknown?
Just received by mail.

rapport.pdf.exe
https://www.virustotal.com/file/bce0e24 ... 332237452/
MD5: cff63a36b4d1b80d8daa31b371e04787
Detection ratio: 1 / 43
EDIT:
Possible Zbot, but I'm not sure.

- EP_X0FF
- Global Moderator
- Posts: 4872
- Joined: Sun Mar 07, 2010 5:35 am
- Location: Russian Federation
Re: Unknown?
Ring0 - the source of inspiration
Re: Trojan Zeus (alias ZBot)
https://www.virustotal.com/file/dcbb0b9 ... /analysis/
MD5: 9097a9675a50ac7ec4d98f175fd326d6
Detection ratio: 8 / 43
Re: Trojan Zeus (alias ZBot)
Guys, great news 
Over the last 3 months ZBot was the most common trojan and stealer, with a huge number of various samples every day. But...
Microsoft and partners disrupt Zeus botnets http://blogs.technet.com/b/mmpc/archive ... tnets.aspx

http://blogs.technet.com/b/microsoft_bl ... tnets.aspx
This week, Microsoft has partnered with security experts and the financial services industry on a new action codenamed Operation b71 to disrupt some of the worst known botnets using variants of the notorious Zeus malware (which we detect as Win32/Zbot).
Re: Trojan Zeus (alias ZBot)
Interesting, one of the C&Cs they mentioned shutting down is about 15 min from where I work (Lombard, IL). Seems kind of weird they'd put a C&C server inside the US, considering it is pretty trivial for the government to get a shutdown order issued; you'd think they'd want to keep it offshore somewhere.
edit: Well, I suppose since it was Microsoft it isn't a government operation, but really, if the right amount of money made it into someone's hands I'm sure it would have happened anyway.
