
Re: Trojan Zeus (alias ZBot)

Posted: Wed Apr 04, 2012 9:41 am
by Maxstar
Just received by mail (Zbot / Zeus)

rapport.pdf.exe
https://www.virustotal.com/file/7c7d876 ... 333532039/
MD5: a025d1e92bb21a1f494059fb12280802
Detection ratio: 5 / 42

Re: Trojan Zeus (alias ZBot)

Posted: Thu Apr 05, 2012 8:31 am
by rkhunter
Evilcry wrote: A gift from ZeuS for passengers of US Airways
http://www.securelist.com/en/blog/20819 ... US_Airways

The list of ZeuS MD5 hashes involved is available in the footer.
PWS:Win32/Zbot.gen!AF
https://twitter.com/#!/msftmmpc/status/ ... 8585039873

Re: Trojan Zeus (alias ZBot)

Posted: Thu Apr 05, 2012 12:30 pm
by nullptr
MD5: 42DDF04F7C2E0B9D7F76B332A549EBE6
5/42 - https://www.virustotal.com/file/618d1ea ... 333628305/

dropper + unpacked in attachment

Re: Trojan Zeus (alias ZBot)

Posted: Tue Apr 10, 2012 10:51 am
by Maxstar
Just received by mail

rapport.pdf.exe (Zeus / Zbot)
https://www.virustotal.com/file/d652e56 ... 334054761/
MD5: b849d83081ff7bfe236d32893de8adb9
Detection ratio: 5 / 42

Re: Trojan Zeus (alias ZBot)

Posted: Tue Apr 10, 2012 11:05 am
by rkhunter

Re: Trojan Zeus (alias ZBot)

Posted: Wed Apr 11, 2012 9:49 am
by Maxstar
Zeus / Zbot

rapport.pdf1
https://www.virustotal.com/file/dbf4757 ... 334137361/
MD5: b3dde60b637221449e2a61328e5fc55a
Detection ratio: 6 / 40

Re: Trojan Zeus (alias ZBot)

Posted: Thu Apr 12, 2012 6:09 pm
by rkhunter
Guys, I wondered that most ZBot C&C are hosted in the Europe and US area...
And another thing, why is it still functioning... and not taken down?

Source - https://zeustracker.abuse.ch/

Re: Trojan Zeus (alias ZBot)

Posted: Fri Apr 13, 2012 2:35 am
by EP_X0FF
rkhunter wrote: And another thing, why is it still functioning... and not taken down?
This is called freedom.

Re: Trojan Zeus (alias ZBot)

Posted: Fri Apr 13, 2012 5:29 am
by rkhunter
Critical analysis of Microsoft Operation B71 (against ZBot/Zeus/SpyEye botnet)
http://blog.fox-it.com/2012/04/12/criti ... ation-b71/

Re: Trojan Zeus (alias ZBot)

Posted: Fri Apr 13, 2012 6:01 am
by EP_X0FF
Typical butthurt.