A forum for reverse engineering, OS internals and malware analysis 

Forum for analysis and discussion about malware.
 #10246  by NarfBang
 Thu Dec 08, 2011 7:13 pm
BAAA HAAAA!
I went back to the URL and tooled around in the folder directory and found these 6 other files. Some ID as ZeroAccess, others not so much. All seven files (including corrupted one) are in the 7z. I am newb and not so good at IDing things correctly. Mods please move files that don't belong here.

Are these all ZA variants?
Attachments
Pass = infected
(1.19 MiB) Downloaded 82 times
 #10247  by ConanTheLibrarian
 Thu Dec 08, 2011 7:30 pm
Play_Movie2287_Click_Run.exe - 0A.aml
Play_Movie3732_Click_Run.exe - 0A.h
Play_Movie4054_Click_Run.exe - 0A.aml
Play_Movie5227_Click_Run.exe - 0A.h
Play_Movie6260_Click_Run.exe - 0A.aml
Play_Movie7418_Click_Run.exe - 0A.h
Play_Movie8733_Click_Run.exe - 0A.aml


Thanks.
  • 1
  • 17
  • 18
  • 19
  • 20
  • 21
  • 38