10.04.2012, 12:22
tomatto007 napisał(a):Malware info:
SHA256: 79d34bc92c1ccd50c2ace1b8d0affe89f1e3708f29417e71d554c784036e470d
SHA1: df9891c4e962cad9389fe9cdf9681a8003bbc953
MD5: 8e22616de48a5736cc1929d5e101010e
File size: 941.5 KB ( 964096 bytes )
VT info:
[Aby zobaczyć linki, zarejestruj się tutaj]
Changes in the system:
Registry key:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\FacbookUpdate: "%Appdata%\FacbookUpdate.exe"
Files:
%Appdata%\FacbookUpdate.exe
%Temp%\plugtemp\Service.exe
C:\autorun.inf
C:\Rundll32.exe
Do you have sample? Can you upload this?