A forum for reverse engineering, OS internals and malware analysis 

Forum for analysis and discussion about malware.
 #19482  by EP_X0FF
 Thu May 30, 2013 9:27 am
Old and infamous password stealer, http://www.microsoft.com/security/porta ... %2fLdpinch.

Modern Fareit, Karagany and Reveton password stealer DLLs contain modules derived from the Win32/Ldpinch family.

SHA1
Attachments
pass: infected