Search found 163 matches

by rough_spear
Sat Sep 14, 2013 7:44 am
Forum: Malware
Topic: ZeroAccess (alias MaxPlus, Sirefef)
Replies: 557
Views: 567049

Re: ZeroAccess (alias MaxPlus, Sirefef)

Hi All,

one more sample of Sirefef.

MD5 - 456D4D94B65C44C8B42901F2D87538A6

VT link - https://www.virustotal.com/en/file/0853 ... /analysis/

Regards,

rough_spear. ;)
by rough_spear
Tue Sep 10, 2013 11:23 am
Forum: Malware
Topic: Win32/Zeus (alias Zbot)
Replies: 281
Views: 361486

Re: Win32/Zeus (alias Zbot)

Hi All,

Zbot sample with low detection.

MD5 - f2583374f538f95198490f2e019e3430

VT - https://www.virustotal.com/en/file/4b0a ... 378811356/ (7 / 47).

Regards,

rough_spear. ;)
by rough_spear
Sun Aug 18, 2013 7:34 pm
Forum: Malware
Topic: Virus:Win32/Virut
Replies: 14
Views: 15212

Re: Virus:Win32/Virut

Hi All,

Virut sample!!! low detection.

VT link - https://www.virustotal.com/en/file/4df2 ... 376853761/


Regards,

rough_spear. ;)
by rough_spear
Sat Aug 17, 2013 12:32 pm
Forum: Malware
Topic: Win32/Bladabindi (NJ RAT)
Replies: 17
Views: 24178

Re: Win32/Bladabindi (NJ RAT)

It seems that Bladabindi is on the prowl, one more sample.

MD5 - A47C6E1861C6935CA98185C8D5C3795A

VT link - https://www.virustotal.com/en/file/0273 ... 376742132/

Regards,

rough_spear. ;)
by rough_spear
Sat Aug 17, 2013 11:16 am
Forum: Malware
Topic: Win32/Bladabindi (NJ RAT)
Replies: 17
Views: 24178

Re: Win32/Bladabindi (NJ RAT)

Hi All,

One more sample file of this malware.

MD5 - BD1D660819EE54457794F31B8AB1FDE2

VT link - https://www.virustotal.com/en/file/4128 ... 376738064/

Regards,

rough_spear. ;)
by rough_spear
Fri Aug 09, 2013 8:36 pm
Forum: Malware
Topic: Win32/Pronny (alias Beebone)
Replies: 6
Views: 4237

Re: Worm:Win32/Vobfus

Hi, one more observation by me is that it adds secret.exe into every .zip and .rar file to increase it attack surface. Absolutely correct my friend Blaze. Saw more of these recently as well, annoying autorun worm. Spreads via shares, hides folders and creates new .exe files with the folder name in a...
by rough_spear
Fri Aug 09, 2013 8:13 pm
Forum: Malware
Topic: Win32/Bladabindi (NJ RAT)
Replies: 17
Views: 24178

Re: Win32/Bladabindi (NJ RAT)

Hi All, This malware has an excellent capability of key logging.After execution it drops file java.exe in %temp% and created java.exe.tmp file where it actually stores all the key strokes from user. MD5 - 30E363C63AB1BA3BA87AD281E31CA223 VT link - https://www.virustotal.com/en/file/ed87c99769ce45c37...
by rough_spear
Fri Aug 09, 2013 12:15 pm
Forum: Malware
Topic: Win32/Pronny (alias Beebone)
Replies: 6
Views: 4237

Re: Worm:Win32/Vobfus

Absolutely correct my friend Blaze. Saw more of these recently as well, annoying autorun worm. Spreads via shares, hides folders and creates new .exe files with the folder name in attempt to spread. Drops these: Porn.exe Sexy.exe Secret.exe Passwords.exe Also known as Symmi or Pronny: http://www.wel...
by rough_spear
Thu Aug 08, 2013 9:07 pm
Forum: Malware
Topic: Win32/Pronny (alias Beebone)
Replies: 6
Views: 4237

Win32/Pronny (alias Beebone)

Hi All, New 8 files of worm:Win32/Vobfus. list of md5s 0378295CAA597C03C4AB03E0D05376E8 20258E9E021332B4C2635E559E6A3571 2419DB8237D6019D7976D90F576C03DA 51AE659C5179AFD3FE4D4AB7268889D0 5A47F39A008B1E3791F72CA4BA8F4F66 601C34861B00C0EFB016692EAAEAC5B0 7D9EF029DC86D15E6364E6F18EAA9DE9 CA1A4DB825A65B...
by rough_spear
Fri Aug 02, 2013 6:07 am
Forum: Malware
Topic: Win32/Zeus (alias Zbot)
Replies: 281
Views: 361486

Re: Win32/Zeus (alias Zbot)

Hi All,

ZBOT mentioned in http://www.kernelmode.info/forum/postin ... 74#pr20302

Regards,

rough_spear.