SafeGroup

SafeGroup > Bezpieczeństwo > Malware Lab > Paczki, malware, złośliwe pliki, linki itp.
Pełna wersja: Paczki, malware, złośliwe pliki, linki itp.
Aktualnie przeglądasz uproszczoną wersję forum. Kliknij tutaj, by zobaczyć wersję z pełnym formatowaniem.
Stron: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447 448 449 450 451 452 453 454 455 456 457 458 459 460 461 462 463 464 465 466 467 468 469 470 471 472 473 474 475 476 477 478 479 480 481 482 483 484 485 486 487 488 489 490 491 492 493 494 495 496 497 498 499 500 501 502 503 504 505 506 507 508 509 510 511 512 513 514 515 516 517 518 519 520 521 522 523 524 525 526 527 528 529 530 531 532 533 534 535 536 537 538 539 540 541 542 543 544 545 546 547 548 549 550 551 552 553 554 555 556 557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 572 573 574 575 576 577 578 579 580 581 582 583 584 585 586 587 588 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 605 606 607 608 609 610 611 612 613 614 615 616 617 618 619 620 621 622 623 624 625 626 627 628 629 630 631 632 633 634 635 636 637 638 639 640 641 642 643 644 645 646 647 648 649 650 651 652 653 654 655 656 657 658 659 660 661 662 663 664 665 666 667 668 669 670 671 672 673 674 675 676 677 678 679 680 681 682 683 684 685 686 687 688 689 690 691 692 693 694 695 696 697 698 699 700 701 702 703 704 705 706 707 708 709 710 711 712 713 714 715 716 717 718 719 720 721 722 723 724 725 726 727 728 729 730 731 732 733 734 735 736 737 738 739 740 741 742 743 744 745 746 747 748 749 750 751 752 753 754 755 756 757 758 759 760 761 762 763 764 765 766 767 768 769 770 771 772 773 774 775 776 777 778 779 780 781 782 783 784 785 786 787 788 789 790 791 792 793 794 795 796 797 798 799 800 801 802 803 804 805 806 807 808 809 810 811 812 813 814 815 816 817 818 819 820 821 822 823 824 825 826 827 828 829 830 831 832 833 834 835 836 837 838 839 840 841 842 843 844 845 846 847 848 849 850 851 852 853 854 855 856 857 858 859 860 861 862 863 864 865 866 867 868 869 870 871 872 873 874 875 876 877 878 879 880 881 882 883 884 885 886 887 888 889 890 891 892 893 894 895 896 897 898 899 900 901 902 903 904 905 906 907 908 909 910 911 912 913 914 915 916 917 918 919 920 921 922 923 924 925 926 927 928 929 930 931 932 933 934 935 936 937 938 939 940 941 942 943 944 945 946 947 948 949 950 951 952 953 954 955 956 957 958 959 960 961 962 963 964 965 966 967 968 969 970 971 972 973 974 975 976 977 978 979 980 981 982 983 984 985 986 987 988 989 990 991 992 993 994 995 996 997 998 999 1000 1001 1002 1003 1004 1005 1006 1007 1008 1009 1010 1011 1012 1013 1014 1015 1016 1017 1018 1019 1020 1021 1022 1023 1024 1025 1026 1027 1028 1029 1030 1031 1032 1033 1034 1035 1036 1037 1038 1039 1040 1041 1042 1043 1044 1045 1046 1047 1048 1049 1050 1051 1052 1053 1054 1055 1056 1057 1058 1059 1060 1061 1062 1063 1064 1065 1066 1067 1068 1069 1070 1071 1072 1073 1074 1075 1076 1077 1078 1079 1080 1081 1082 1083 1084 1085 1086 1087 1088 1089 1090 1091 1092 1093 1094 1095 1096 1097 1098 1099 1100 1101 1102 1103 1104 1105 1106 1107 1108 1109 1110 1111 1112 1113 1114 1115 1116 1117 1118 1119 1120 1121 1122 1123 1124 1125 1126 1127 1128 1129 1130 1131 1132 1133 1134 1135 1136 1137 1138 1139 1140 1141 1142 1143 1144 1145 1146 1147 1148 1149 1150 1151 1152 1153 1154 1155 1156 1157 1158 1159 1160 1161 1162 1163 1164 1165 1166 1167 1168 1169 1170 1171 1172 1173 1174 1175 1176 1177 1178 1179 1180 1181 1182 1183 1184 1185 1186 1187 1188 1189

Adi Cherryson

28.08.2012, 00:18

[Aby zobaczyć linki, zarejestruj się tutaj]



012-08-27-tomatto007-92files: 72/92 78,26%

ZBot nowy by Waves97: 1/1
7 sampli ZBOT by tachion: 7/7
CRIDEX by tachion:1/1
FakeAV - WinWebSec - Live Security Platinum: 1/1
Sality: 1/1

tomatto007

28.08.2012, 06:25
Malware info:
SHA256: 929ccfdd04ad8fdd65c52408d438d2682cec578c2a507eee87eed14c754327ce
SHA1: fc1e6a2316f26b4b36ccc32ec1753beb963bacb1
MD5: bc2f0afc479b89fa88e931ada63e5a2e
File size: 37.5 KB ( 38400 bytes )

VT info (20/42):

[Aby zobaczyć linki, zarejestruj się tutaj]


Changes in the system:

  1. Registry Key:
    HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\Microsoft Driver Setup: "%WinDir%\yodrive32.exe"
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Microsoft Driver Setup: "%WinDir%\yodrive32.exe"

    Files:
    %WinDir%\yodrive32.exe


[malware]

[Aby zobaczyć linki, zarejestruj się tutaj]

pw:infected[/malware]

tomatto007

28.08.2012, 07:47
75 files - Identified as malicious on VT (probably many AdWare)
[malware]

[Aby zobaczyć linki, zarejestruj się tutaj]

pw: sg
Files MD5:
133B84008D61563B6E99F861DFB325B9
DA91AEA78AC9267C4893CEFF7B2E552B
80E87FD12D212FAB6D6CFF52446F8E1A
FC702061F5B8879A8DC7A3953CD9E8F0
50B048E15CFE5C740C612A774CD6AE60
B9E7C13B377D4D24481AB3CF7CF102D0
C7DFEABCEF860054F9D4C91C382E5EE7
FBB8DB3DD4FA4B34994AE06C9739BFDB
DFDABE2C8899562A3139C8BE22A9A8E2
6F3E10ABDC39D05B5BB7EE2D547A73C0
D2A6EF2946BD6B38BD4011D647534F9B
5BC3A5C4DC4D872907D27B891B12738F
D79A6AAFDE74B806DB1758866B6423B3
7946882547AE73EF6A38B97EDE4FD1AB
617F980059120DA6AA0C06C2F94F860A
CFC3C52EA29010691326232773626486
884CD72DC51924C6FCE87F148C9D750B
690A52EF8A3406E36F335B3247095B00
F5F01D57283A7A9D8C491D57F449015E
9C48AF4B64FA2E92F073A7EC9090D4BB
08C4352FC00F5AE0A94E6D28D2D1C323
DFEB5EC309ABCC23483CCB62FB399FA2
D23AD64D78C15E919D542A2558C0D05C
398B1815DC6265900C12723FC9C52BF4
3DD742965E72DEB792EA97DA7E03C7C0
A57593DA30AF3F5BC864F63D8F4749CF
BACF3DDFFDE027EE84BD5CE6ACE7E7AA
D7E716D03CC74846CCD2AB5775615F36
79ED120A3AC19046A518B3172DFC8399
B52CD91D8F6117E0B2E4BF794F95F811
0DD6BEFC5E1994015F76F0BAC0E798BA
1CBD1EA6FDE364AEB4525F49E0B83E7D
241A7EA8DF0C8B9933FCA6F55FE71950
CAAAFB3271D190E4F15855E5468A1CC5
5164A3002E6EB47B89FCD76397A9F9C5
848F9A91F5D2D1BD37391E7757BFD575
7C5BB36579C1B8C144F24795DA212AC1
3A13F61730ED2616BC1DEE31CB76CC20
EFDE69B7F9749FB97A0C06605DE06D1F
78B95A51E9B3669C9718509B9F0B861E
69D03BC47364A6AF01EB6D72A3D84FC8
54C216B857BA69C151C073EFBD440636
1B74CD6880748DA2989911F5D0704F30
31101855780F6A6EB64C848F860F540B
5BB82F97CDD9D13FD0D93033CB8D4A97
69C4F1E94E59FAFFBC8C61B142743D92
AB9B861703FDA5B437033A908A93BB66
8DF0251CBBEF33DA488940044EE0ED96
DD7E93FF30749C9DD49D3F66AD4E7243
BAB99D2664EC517058222C528FE506D9
BC1A8F6C530B5C9D65E7B6CFC593A5BF
81A52FC2B82062FA58974730B4E5676B
BCCFC38199B7D48918A94E7C10B58493
FAF5BB028D4B806255FDB2B3FE127C6E
7F5E67AB18B3CDA1D74CFDE1447E2BDF
61316E966B9CCE79E0C8065DB8AF730E
17E492F9FF284B2CD5B7413CAF920653
7ED39E10D6CF125B6C84DFF00B1A90A5
0BFE233D27FA38CE5BFA9238DC8522E1
F810086419960329CC58A813DF00C81B
8E9FBE5AE40075090D294D0EB8006FAF
B043D450ABC0ECCF417EB7B8D9DA07EA
45E52ED39E6DAECCF3FDA08E4E119F50
2B903827F86FFB851ACC7D4F5D5EF754
03056C75CAD685FE1EC690A684D8E3ED
3273308E4E319B8B445FE8F5461B1269
7F7366E443351E679FB96D587E7C11C7
DA2437210156DFD4862D6B16EEFCA01E
E3BD266A905A63E705DDA2A3C0440644
A37EBAEEF0612BA65D556870CDF41CA4
134345CBD0757BB3FB76C93DB404A226
9DB81D8B584C0693776C2CC24392E411
340E208C48F223DD5548A4ECC229B64B
4A8DA9E8DC18C340BB62202DF4012B0C
0B497A6A353036877AC1B22A054BFEF5[/malware]

ktośtam

28.08.2012, 07:55
tomatto007 napisał(a): 75 files - Identified as malicious on VT (probably many AdWare)
[malware]

[Aby zobaczyć linki, zarejestruj się tutaj]

pw: sg
Files MD5:
133B84008D61563B6E99F861DFB325B9
DA91AEA78AC9267C4893CEFF7B2E552B
80E87FD12D212FAB6D6CFF52446F8E1A
FC702061F5B8879A8DC7A3953CD9E8F0
50B048E15CFE5C740C612A774CD6AE60
B9E7C13B377D4D24481AB3CF7CF102D0
C7DFEABCEF860054F9D4C91C382E5EE7
FBB8DB3DD4FA4B34994AE06C9739BFDB
DFDABE2C8899562A3139C8BE22A9A8E2
6F3E10ABDC39D05B5BB7EE2D547A73C0
D2A6EF2946BD6B38BD4011D647534F9B
5BC3A5C4DC4D872907D27B891B12738F
D79A6AAFDE74B806DB1758866B6423B3
7946882547AE73EF6A38B97EDE4FD1AB
617F980059120DA6AA0C06C2F94F860A
CFC3C52EA29010691326232773626486
884CD72DC51924C6FCE87F148C9D750B
690A52EF8A3406E36F335B3247095B00
F5F01D57283A7A9D8C491D57F449015E
9C48AF4B64FA2E92F073A7EC9090D4BB
08C4352FC00F5AE0A94E6D28D2D1C323
DFEB5EC309ABCC23483CCB62FB399FA2
D23AD64D78C15E919D542A2558C0D05C
398B1815DC6265900C12723FC9C52BF4
3DD742965E72DEB792EA97DA7E03C7C0
A57593DA30AF3F5BC864F63D8F4749CF
BACF3DDFFDE027EE84BD5CE6ACE7E7AA
D7E716D03CC74846CCD2AB5775615F36
79ED120A3AC19046A518B3172DFC8399
B52CD91D8F6117E0B2E4BF794F95F811
0DD6BEFC5E1994015F76F0BAC0E798BA
1CBD1EA6FDE364AEB4525F49E0B83E7D
241A7EA8DF0C8B9933FCA6F55FE71950
CAAAFB3271D190E4F15855E5468A1CC5
5164A3002E6EB47B89FCD76397A9F9C5
848F9A91F5D2D1BD37391E7757BFD575
7C5BB36579C1B8C144F24795DA212AC1
3A13F61730ED2616BC1DEE31CB76CC20
EFDE69B7F9749FB97A0C06605DE06D1F
78B95A51E9B3669C9718509B9F0B861E
69D03BC47364A6AF01EB6D72A3D84FC8
54C216B857BA69C151C073EFBD440636
1B74CD6880748DA2989911F5D0704F30
31101855780F6A6EB64C848F860F540B
5BB82F97CDD9D13FD0D93033CB8D4A97
69C4F1E94E59FAFFBC8C61B142743D92
AB9B861703FDA5B437033A908A93BB66
8DF0251CBBEF33DA488940044EE0ED96
DD7E93FF30749C9DD49D3F66AD4E7243
BAB99D2664EC517058222C528FE506D9
BC1A8F6C530B5C9D65E7B6CFC593A5BF
81A52FC2B82062FA58974730B4E5676B
BCCFC38199B7D48918A94E7C10B58493
FAF5BB028D4B806255FDB2B3FE127C6E
7F5E67AB18B3CDA1D74CFDE1447E2BDF
61316E966B9CCE79E0C8065DB8AF730E
17E492F9FF284B2CD5B7413CAF920653
7ED39E10D6CF125B6C84DFF00B1A90A5
0BFE233D27FA38CE5BFA9238DC8522E1
F810086419960329CC58A813DF00C81B
8E9FBE5AE40075090D294D0EB8006FAF
B043D450ABC0ECCF417EB7B8D9DA07EA
45E52ED39E6DAECCF3FDA08E4E119F50
2B903827F86FFB851ACC7D4F5D5EF754
03056C75CAD685FE1EC690A684D8E3ED
3273308E4E319B8B445FE8F5461B1269
7F7366E443351E679FB96D587E7C11C7
DA2437210156DFD4862D6B16EEFCA01E
E3BD266A905A63E705DDA2A3C0440644
A37EBAEEF0612BA65D556870CDF41CA4
134345CBD0757BB3FB76C93DB404A226
9DB81D8B584C0693776C2CC24392E411
340E208C48F223DD5548A4ECC229B64B
4A8DA9E8DC18C340BB62202DF4012B0C
0B497A6A353036877AC1B22A054BFEF5[/malware]


EAM- 56/75 - 74,67%
Pozostałe próbki wysłane do analizy.

jasiekkidawa

28.08.2012, 08:44
G DATA IS 2013:
54/75 ( 72,0% )

Galactico

28.08.2012, 09:11
tomatto007 napisał(a): 75 files - Identified as malicious on VT (probably many AdWare)
[malware]

[Aby zobaczyć linki, zarejestruj się tutaj]

pw: sg
Files MD5:
133B84008D61563B6E99F861DFB325B9
DA91AEA78AC9267C4893CEFF7B2E552B
80E87FD12D212FAB6D6CFF52446F8E1A
FC702061F5B8879A8DC7A3953CD9E8F0
50B048E15CFE5C740C612A774CD6AE60
B9E7C13B377D4D24481AB3CF7CF102D0
C7DFEABCEF860054F9D4C91C382E5EE7
FBB8DB3DD4FA4B34994AE06C9739BFDB
DFDABE2C8899562A3139C8BE22A9A8E2
6F3E10ABDC39D05B5BB7EE2D547A73C0
D2A6EF2946BD6B38BD4011D647534F9B
5BC3A5C4DC4D872907D27B891B12738F
D79A6AAFDE74B806DB1758866B6423B3
7946882547AE73EF6A38B97EDE4FD1AB
617F980059120DA6AA0C06C2F94F860A
CFC3C52EA29010691326232773626486
884CD72DC51924C6FCE87F148C9D750B
690A52EF8A3406E36F335B3247095B00
F5F01D57283A7A9D8C491D57F449015E
9C48AF4B64FA2E92F073A7EC9090D4BB
08C4352FC00F5AE0A94E6D28D2D1C323
DFEB5EC309ABCC23483CCB62FB399FA2
D23AD64D78C15E919D542A2558C0D05C
398B1815DC6265900C12723FC9C52BF4
3DD742965E72DEB792EA97DA7E03C7C0
A57593DA30AF3F5BC864F63D8F4749CF
BACF3DDFFDE027EE84BD5CE6ACE7E7AA
D7E716D03CC74846CCD2AB5775615F36
79ED120A3AC19046A518B3172DFC8399
B52CD91D8F6117E0B2E4BF794F95F811
0DD6BEFC5E1994015F76F0BAC0E798BA
1CBD1EA6FDE364AEB4525F49E0B83E7D
241A7EA8DF0C8B9933FCA6F55FE71950
CAAAFB3271D190E4F15855E5468A1CC5
5164A3002E6EB47B89FCD76397A9F9C5
848F9A91F5D2D1BD37391E7757BFD575
7C5BB36579C1B8C144F24795DA212AC1
3A13F61730ED2616BC1DEE31CB76CC20
EFDE69B7F9749FB97A0C06605DE06D1F
78B95A51E9B3669C9718509B9F0B861E
69D03BC47364A6AF01EB6D72A3D84FC8
54C216B857BA69C151C073EFBD440636
1B74CD6880748DA2989911F5D0704F30
31101855780F6A6EB64C848F860F540B
5BB82F97CDD9D13FD0D93033CB8D4A97
69C4F1E94E59FAFFBC8C61B142743D92
AB9B861703FDA5B437033A908A93BB66
8DF0251CBBEF33DA488940044EE0ED96
DD7E93FF30749C9DD49D3F66AD4E7243
BAB99D2664EC517058222C528FE506D9
BC1A8F6C530B5C9D65E7B6CFC593A5BF
81A52FC2B82062FA58974730B4E5676B
BCCFC38199B7D48918A94E7C10B58493
FAF5BB028D4B806255FDB2B3FE127C6E
7F5E67AB18B3CDA1D74CFDE1447E2BDF
61316E966B9CCE79E0C8065DB8AF730E
17E492F9FF284B2CD5B7413CAF920653
7ED39E10D6CF125B6C84DFF00B1A90A5
0BFE233D27FA38CE5BFA9238DC8522E1
F810086419960329CC58A813DF00C81B
8E9FBE5AE40075090D294D0EB8006FAF
B043D450ABC0ECCF417EB7B8D9DA07EA
45E52ED39E6DAECCF3FDA08E4E119F50
2B903827F86FFB851ACC7D4F5D5EF754
03056C75CAD685FE1EC690A684D8E3ED
3273308E4E319B8B445FE8F5461B1269
7F7366E443351E679FB96D587E7C11C7
DA2437210156DFD4862D6B16EEFCA01E
E3BD266A905A63E705DDA2A3C0440644
A37EBAEEF0612BA65D556870CDF41CA4
134345CBD0757BB3FB76C93DB404A226
9DB81D8B584C0693776C2CC24392E411
340E208C48F223DD5548A4ECC229B64B
4A8DA9E8DC18C340BB62202DF4012B0C
0B497A6A353036877AC1B22A054BFEF5[/malware]


AVG IS 2012
44/75 (58,67%)

Flash999

28.08.2012, 10:16
AVG 2013 IS 45/75 (60%)
+ IDP:
48/75 (64%)
+Uruchamianie:
50/75 (66,7%)

gr83

28.08.2012, 10:20
75 files - Identified as malicious on VT (probably many AdWare)

ESET6
54/75(72%)

andrzej76

28.08.2012, 10:48
McAfee Total Protection 2012 -

107/120 (89,2%)
39/75(52%)

Twoja stara

28.08.2012, 14:36
tomatto007 napisał(a): 75 files - Identified as malicious on VT (probably many AdWare)
[malware]

[Aby zobaczyć linki, zarejestruj się tutaj]

pw: sg [/malware]


Avast - 51/75 68%
+ Malwarebytes - 56/75 74.66%
+ HitmanPro - 67/75 89.33%

lopez

28.08.2012, 14:45
AVG IS 2012

47/75 62,7%

kolon22

28.08.2012, 15:12
Comodo IS
54/75 (72%)

slav

28.08.2012, 15:54
[quote="Waves97"] ZBot nowy
[malware]

[Aby zobaczyć linki, zarejestruj się tutaj]

pass: sg[/malware]

[Aby zobaczyć linki, zarejestruj się tutaj]


Eset AV 5 wykrywa Kingsoft AV milczy

Zbot x4 i x3 wykrywa

10/11

malwarepanda

28.08.2012, 16:54
slav napisał(a):
Waves97 napisał(a):ZBot nowy
[malware]

[Aby zobaczyć linki, zarejestruj się tutaj]

pass: sg[/malware]

[Aby zobaczyć linki, zarejestruj się tutaj]


Eset AV 5 wykrywa Kingsoft AV milczy

Zbot x4 i x3 wykrywa

10/11

Emsisoft 1/1 = 100% =Trojan-Spy.Win32.Zbot!E1

ELWIS1

28.08.2012, 18:28
Immunet free 61/75 (81,33%)
Całkiem dobry wynik biorąc pod uwagę, że nic im nie wysyłałem

Immunet+Avira 71/75 (94,66%)

Adi Cherryson

29.08.2012, 00:32

[Aby zobaczyć linki, zarejestruj się tutaj]



2012-08-27-tomatto007-75files: 57/75 (76,00%)

Dziś mało roboty. Tylko jedna paczka. Pozwoliłem sobie zrobić ranking podanych wyników na tej paczce:

tomatto007 napisał(a): 75 files - Identified as malicious on VT (probably many AdWare)


1. Immunet free: 61/75 (81,33%)
2. Dr.Web: 57/75 (76,00%)
3. EAM: 56/75 (74,67%)
4. Comodo IS 54/75: (72%); G DATA IS 2013: 54/75 (72,0%) i ESET6: 54/75 (72%)
5. Avast: 51/75 (68%)
6. AVG IS 2012: 47/75 (62,7%) *
7. AVG 2013 IS: 45/75 (60%)
8. McAfee Total Protection 2012: 39/75 (52%)

* Wyniki AVG IS 2012 podał Galactico i lopez. Przyjąłem lepszy wynik lopeza, który skanował paczkę później.

McAfee coś słabo sobie poradził. Immunet Free doskonale. Dr.Web przed EAM (zwykle bywał niżej). Do czwartego miejsca - w normie. Smile

jasiekkidawa

29.08.2012, 06:56
Dołożę jeszcze wynik KIS 2013 Smile
40/75 ( 53,3% )

tommyklab

29.08.2012, 08:14
Nawiązując do tego tematu:

[Aby zobaczyć linki, zarejestruj się tutaj]


Java7 0day 2012.08.23 (2 samples):

W sumie już nie taki 0day - 6 dzień mija on pierwszego wykrycia na VT.

[malware]

[Aby zobaczyć linki, zarejestruj się tutaj]


pass: sg

Folder 2012-08 by tommy:

[Aby zobaczyć linki, zarejestruj się tutaj]

Folder 2012-07 by tommy:

[Aby zobaczyć linki, zarejestruj się tutaj]

Folder 2012-06 by tommy:

[Aby zobaczyć linki, zarejestruj się tutaj]

Folder 2012-05 by tommy:

[Aby zobaczyć linki, zarejestruj się tutaj]

[/malware]

[Aby zobaczyć linki, zarejestruj się tutaj]

[Aby zobaczyć linki, zarejestruj się tutaj]



about CVE-2012-4681 vulnerability:

[Aby zobaczyć linki, zarejestruj się tutaj]



are you vulnerable to the latest 0-day exploit?

[Aby zobaczyć linki, zarejestruj się tutaj]


Malware urls Java7 0day:

Ten pierwszy exploituje javę 7 (update 0-6) w przeglądarce, ściąga i uruchamia .exe

[malware] malicious urls:

[Aby zobaczyć linki, zarejestruj się tutaj]

-

[Aby zobaczyć linki, zarejestruj się tutaj]

[Aby zobaczyć linki, zarejestruj się tutaj]

-

[Aby zobaczyć linki, zarejestruj się tutaj]

[/malware]

Historia IP tego Java7 0day (na scumware jest od 2012.08.27):

[Aby zobaczyć linki, zarejestruj się tutaj]


Czyli to już było:

[Aby zobaczyć linki, zarejestruj się tutaj]

, tylko tym razem najnowsza wersja javy 7 nie jest odporna na nowego exploita Smile no i inny ładunek (trojan)

ELWIS1

29.08.2012, 08:21
Mcafee Site Advisor blokuje te stronySmile

tomatto007

29.08.2012, 09:29
85 files - Identified as malicious on VT (probably many AdWare)
[malware]

[Aby zobaczyć linki, zarejestruj się tutaj]

pw: sg
Files MD5:
FB2830BFE6ECD3B2B7461EB440B52DFB
13ECA70B3A6A8CACA06AF63C5BDD4C04
7B3CAAD180C4688144FA29E195163565
5780CED7D725C2F45A4F4C4888AC5F1A
CE1F3A52784220BC7BF0261A5B01EE6B
9A55DB74DB0940E1B82C22494CA63668
89E562A1894A02D634486EBA4912DC80
28CD356917D416D417201F216E6E1FB6
90AF6583453050320C748E2118E549BA
04292AD313C3CF78C29EE047D7AEEFF9
1CCB660F2BB5D3EA31ABCF6E9C62B97A
3D5A2FB4C0266CDB46AF9674D203F59A
D87B9311E46A8AA78D2C66418E26776F
34EAD304C4535F967436D116533AADC6
956A909B79AF00E6636829AEEB52A823
0D9B38A906A7232106D370E4DA46CDA3
60165575EFA6027A6371A7C4EF8D00C5
E13C5424637031A0D8D2478E2CF75F44
2A77AEF7F7ACEC6FFD0B226CD4EF926F
7F8356497ECA7E29EED174E176F3998E
678E3BC1EF1A87E8BC0307C6ED4DFE38
46F499EBB25B292F0FC3323DE2686B83
49446E52C382E146B77842A627744AAE
D2797760E684FC657B41F130BA570733
FC0570F189C172B51C08363803E89443
518B70D11E5609D83472DCF6639A9FCE
8A091FA3CF551758E9CF9F5BDBFF6D09
20A61F9C3149E6DD4EC2515EFEC63FE1
6F57E3EB01BB6B3C4BC969F412402CD4
8B6D9A251AC5A80652B1A6C63882027A
E4C84EA103DC20FB46461F586D2E437B
FE5271231AEBB64B498A995705ADD88C
7B014BD29EF5982E7DA191CCEDA10BB5
587028657BEE9E1CC90B6B555368D73A
3526786518055E1313D5D1B5B72BD793
6139380C1A3DF39BF23E7AB899762B22
F68BCDE3D46F42C77BE8B4D362D95032
7FCDC7DF37D2E06ED21D9F9F2B131289
3A2AD9C52BD07A2C12E7F76F915511C3
37BB95EF6B89D3F61BC492739E6A5DC5
EEBD588BBDB927E0E445E9520CAB9E88
622CF37DAEF85C4D5B237B43D0C6CF01
DC88B16DFD0820CCFAEC011BA449EA56
0A7BB9B93A012E6A2C8E970938D183DD
1E7B822CB80D094FB25E22E8B6B1174F
D89C087DA006137AECB7CFCB33A23FA0
84F0305E630BB4E54C2725B5C6105038
0E1409B6A9CCE8EF1D364966A948798F
D0742DEB0872C3326992B2B946646F7D
C1F08B79DB6ECD27ACAA152FD159273B
8C4B9BA787588D767F6E0856D9B89654
A90DFB1479184D449A09A719EE2E484A
8F1E8F9101A711A353AECC09968A68F1
99CFD5844F32042534DFBE45417E41AF
743576FF184532B519C6B800670E6FEB
D425D8CC3A294F9F944297DDCD770B9A
5844D79295CDC45193EDB4917204AE70
CA04D3D2E7B5C8A1BD4608A53C78D343
AAAA28AB47607DD40583EDB3CB6346FC
4A9EF0E12346FA81CC034A64725705A7
2FA2B73BD8C94DE1AB4647F334C96947
4C39C1A17321DFE98ED888D2B94E7F3C
B07A1747A873B432FB532990FFD9BEE2
0F31781F9AC504F36825B6B8F6045AEF
3D70895B04D914823A92C947D2FC45EF
ADEC118F2935523AB32904BA60762745
FF896EB3BA936C86DC3C818431187ED2
8001EC97B8B47475BFEA53AFFF4F95AC
6F2C3CA40B2208FC092F71E228B5BFEE
F2FA6BAAC4FF65442EAD7D71DB222B6F
28566F3BA9524242834B8DC824B037BB
667C6D380E5582F5082244C9CFE6F0C4
AE14A19F67508B2F771A1C121531AE02
B2F254C09091FAFAB9108C3D3B2DC6F4
37CA17CCE865589FF8460572EA2EEF79
61F85A3B7BEB9DC588463179D349BAE6
E6665DEF86793A9DDC4E6756DD9B7AF1
2CDE54DB6A714A5F8A6F1827473376C8
F2E1E52F9A344EDC3A35430F4459D44A
E35E687D41AC7762248B6D4E53CA450B
D9B8679BC4DF99D6DC6456651BEA07C2
66154E8C6DA3B32D4CB693116D279FF9
1883A67DC4B879D3BD8701A17C58CD49
584304BC7AB4E7E415CDD940C006BE21
014AEDB28E9A0512498BA77F5EE40D12[/malware]
Stron: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447 448 449 450 451 452 453 454 455 456 457 458 459 460 461 462 463 464 465 466 467 468 469 470 471 472 473 474 475 476 477 478 479 480 481 482 483 484 485 486 487 488 489 490 491 492 493 494 495 496 497 498 499 500 501 502 503 504 505 506 507 508 509 510 511 512 513 514 515 516 517 518 519 520 521 522 523 524 525 526 527 528 529 530 531 532 533 534 535 536 537 538 539 540 541 542 543 544 545 546 547 548 549 550 551 552 553 554 555 556 557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 572 573 574 575 576 577 578 579 580 581 582 583 584 585 586 587 588 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 605 606 607 608 609 610 611 612 613 614 615 616 617 618 619 620 621 622 623 624 625 626 627 628 629 630 631 632 633 634 635 636 637 638 639 640 641 642 643 644 645 646 647 648 649 650 651 652 653 654 655 656 657 658 659 660 661 662 663 664 665 666 667 668 669 670 671 672 673 674 675 676 677 678 679 680 681 682 683 684 685 686 687 688 689 690 691 692 693 694 695 696 697 698 699 700 701 702 703 704 705 706 707 708 709 710 711 712 713 714 715 716 717 718 719 720 721 722 723 724 725 726 727 728 729 730 731 732 733 734 735 736 737 738 739 740 741 742 743 744 745 746 747 748 749 750 751 752 753 754 755 756 757 758 759 760 761 762 763 764 765 766 767 768 769 770 771 772 773 774 775 776 777 778 779 780 781 782 783 784 785 786 787 788 789 790 791 792 793 794 795 796 797 798 799 800 801 802 803 804 805 806 807 808 809 810 811 812 813 814 815 816 817 818 819 820 821 822 823 824 825 826 827 828 829 830 831 832 833 834 835 836 837 838 839 840 841 842 843 844 845 846 847 848 849 850 851 852 853 854 855 856 857 858 859 860 861 862 863 864 865 866 867 868 869 870 871 872 873 874 875 876 877 878 879 880 881 882 883 884 885 886 887 888 889 890 891 892 893 894 895 896 897 898 899 900 901 902 903 904 905 906 907 908 909 910 911 912 913 914 915 916 917 918 919 920 921 922 923 924 925 926 927 928 929 930 931 932 933 934 935 936 937 938 939 940 941 942 943 944 945 946 947 948 949 950 951 952 953 954 955 956 957 958 959 960 961 962 963 964 965 966 967 968 969 970 971 972 973 974 975 976 977 978 979 980 981 982 983 984 985 986 987 988 989 990 991 992 993 994 995 996 997 998 999 1000 1001 1002 1003 1004 1005 1006 1007 1008 1009 1010 1011 1012 1013 1014 1015 1016 1017 1018 1019 1020 1021 1022 1023 1024 1025 1026 1027 1028 1029 1030 1031 1032 1033 1034 1035 1036 1037 1038 1039 1040 1041 1042 1043 1044 1045 1046 1047 1048 1049 1050 1051 1052 1053 1054 1055 1056 1057 1058 1059 1060 1061 1062 1063 1064 1065 1066 1067 1068 1069 1070 1071 1072 1073 1074 1075 1076 1077 1078 1079 1080 1081 1082 1083 1084 1085 1086 1087 1088 1089 1090 1091 1092 1093 1094 1095 1096 1097 1098 1099 1100 1101 1102 1103 1104 1105 1106 1107 1108 1109 1110 1111 1112 1113 1114 1115 1116 1117 1118 1119 1120 1121 1122 1123 1124 1125 1126 1127 1128 1129 1130 1131 1132 1133 1134 1135 1136 1137 1138 1139 1140 1141 1142 1143 1144 1145 1146 1147 1148 1149 1150 1151 1152 1153 1154 1155 1156 1157 1158 1159 1160 1161 1162 1163 1164 1165 1166 1167 1168 1169 1170 1171 1172 1173 1174 1175 1176 1177 1178 1179 1180 1181 1182 1183 1184 1185 1186 1187 1188 1189
SafeGroup > Bezpieczeństwo > Malware Lab > Paczki, malware, złośliwe pliki, linki itp.