[rkhunter]

I know that many U.S. companies/providers resell hosting to eastern Europe companies, so this is not unusual.

[NarfBang]

Interesting piece on NBC the other night.

http://www.msnbc.msn.com/id/21134540/vp ... 6#46815636

[rkhunter]

https://zeustracker.abuse.ch/statistic.php

[Maxstar]

I think this is a also a Zbot / Zeus sample!

https://www.virustotal.com/file/8a30fbe ... /analysis/
MD5: c215cba7566628f984f8649f1218963a
Detection ratio: 3 / 42

[rkhunter]

New modifications of ZBot were observed at last two days: PWS:Win32/Zbot.AES, PWS:Win32/Zbot.AET.
Droppers in attach.

[rkhunter]

I think this is a also a Zbot / Zeus sample!

If I not mistaken, archive without password actually. Reupload, please.

[Maxstar]

I think this is a also a Zbot / Zeus sample!

If I not mistaken, archive without password actually. Reupload, please.

I can't edit my post anymore, but I will send a PM to one of the moderators.
I also uploaded this sample by Emsisoft and MBAM and they don't want password protected archives so I have uploaded here the wrong archive. sorry.

[rkhunter]

ZBot collection, observed last 10 days.

http://narod.ru/disk/44870347001.f93d33 ... t.zip.html

[EP_X0FF]

PWS Zbot extracted from BH EK. In archive dropper + unpacked.

4 / 42
https://www.virustotal.com/file/f2b32a4 ... /analysis/

[Evilcry]

A gift from ZeuS for passengers of US Airways
http://www.securelist.com/en/blog/20819 ... US_Airways

In the footer available the list of ZeuS MD5 hashes involved.