A forum for reverse engineering, OS internals and malware analysis 

Forum for analysis and discussion about malware.
 #9707  by Xylitol
 Tue Nov 15, 2011 12:08 pm
Interesting article from the MMPC ~ Easy Money: Program:Win32/Pameseg (part one)
http://blogs.technet.com/b/mmpc/archive ... t-one.aspx

HoaxSMS Skype in attach.
http://www.virustotal.com/file-scan/rep ... 1321358231
Attachments
pw: infected
(2.99 MiB) Downloaded 75 times
 #9729  by Xylitol
 Thu Nov 17, 2011 2:40 pm
Attachments
pw: infected
(4.23 MiB) Downloaded 68 times
pw: infected
(2.8 MiB) Downloaded 65 times
 #12113  by rough_spear
 Thu Mar 15, 2012 5:44 am
Hi All, :D
Probably be a Win32.Banker as i didn't tested it yet.

VT link - https://www.virustotal.com/file/bbff0da ... /analysis/
SHA256: bbff0dad6a97b0de581aa100db6405154f9f789a02f23d140e1abb2b867fd361

web link - hxxp://www.spyware-adware-remover.com/sr/FixEr ... ryScan.exe

Regards,

rough_spear. ;)
Attachments
password - malware.
(2.06 MiB) Downloaded 80 times
 #12123  by EP_X0FF
 Thu Mar 15, 2012 10:52 am
rough_spear wrote:Hi All, :D
Probably be a Win32.Banker as i didn't tested it yet.

VT link - https://www.virustotal.com/file/bbff0da ... /analysis/
SHA256: bbff0dad6a97b0de581aa100db6405154f9f789a02f23d140e1abb2b867fd361

web link - hxxp://www.spyware-adware-remover.com/sr/FixEr ... ryScan.exe

Regards,

rough_spear. ;)
It is a fake registry fixer packed in SFX archive and created with AutoPlay Media Studio 5 Runtime.
Posts moved.
  • 1
  • 6
  • 7
  • 8
  • 9
  • 10
  • 12