Pulled this one from a live machine. MSE detects as Nymaim.A ( http://www.microsoft.com/security/porta ... 2FNymaim.A )
https://www.virustotal.com/file/c65fff4 ... 359492243/
MD5: 5a5770a8e1920aad5eb923aa43c2322d
Code:
HKU\Owner\...\Winlogon: [Shell] C:\Users\Owner\AppData\Roaming\ldr.mcb,explorer.exe [x]
Attachments
pass: infected
(134.79 KiB) Downloaded 102 times