A forum for reverse engineering, OS internals and malware analysis 

Rogue Antimalware (FakeAV, 2012 year)

Forum for analysis and discussion about malware.
 Topic locked

Re: Rogue antimalware (FakeAV, FakeAlert)

 #13906  by Xylitol
 Mon Jun 11, 2012 6:26 pm
Windows Privacy Counsel
https://www.virustotal.com/file/15ce8ee ... /analysis/
Code: Select all
http://defendsafetylow.in/0520091375cbc551/11/setup.exe
• dns: 1 ›› ip: 77.79.10.12 - adresse: GALAINT.STATONLINEKIT.IN
• dns: 1 ›› ip: 77.79.10.14 - adresse: DEFENDSAFETYLOW.IN
• dns: 1 ›› ip: 77.79.10.15 - adresse: 0520091375CBC551.FIREWALLSAFETYSTABILITY.IN
Attachments
infected
(1.45 MiB) Downloaded 56 times

Re: Rogue antimalware (FakeAV, FakeAlert)

 #13907  by Win32:Virut
 Mon Jun 11, 2012 6:36 pm
Windows Privacy Counsel (FakeVimes):

MD5: 9248aefd0886cda740764d5b808e3b87

https://www.virustotal.com/file/3407d57 ... /analysis/
infected
(1.52 MiB) Downloaded 66 times
Live Security Platinum (Winwebsec):

5db33.exe https://www.virustotal.com/file/d6d3a1c ... /analysis/
96ece.exe https://www.virustotal.com/file/f70037e ... /analysis/
f424f.exe https://www.virustotal.com/file/180619e ... /analysis/
infected
(941.87 KiB) Downloaded 54 times

Re: Rogue antimalware (FakeAV, FakeAlert)

 #13947  by Win32:Virut
 Wed Jun 13, 2012 2:01 pm
Windows Instant Scanner (FakeVimes)

MD5: 3dacd28be0b96f91368e9545b865c641
Password: infected
(1.71 MiB) Downloaded 63 times
https://www.virustotal.com/file/721cae3 ... /analysis/


MD5: f4a684f5e35e4942a3d5bd4090b98fa2

https://www.virustotal.com/file/98c5a83 ... /analysis/
Password: infected
(1.71 MiB) Downloaded 54 times

Re: Rogue antimalware (FakeAV, FakeAlert)

 #14017  by Win32:Virut
 Sat Jun 16, 2012 8:39 am
Live Security Platinum (Winwebsec)

MD5: 0d18e363c3105ef963fc91879354723e

https://www.virustotal.com/file/fdc972c ... /analysis/
VirusTotal wrote:First seen by VirusTotal
2012-06-16 08:28:49 UTC ( 10 minutes ago )
Password: infected
(333.24 KiB) Downloaded 54 times
Live Security Platinum (Winwebsec) - new icon

MD5: 7bef06528006a8e79b15cfc49c80344b

https://www.virustotal.com/file/c8f5383 ... /analysis/
VirusTotal wrote:First seen by VirusTotal
2012-06-15 20:40:55 UTC ( 14 hours, 54 minutes ago )
Password: infected
(325.16 KiB) Downloaded 63 times

Trojan:Win32/FakeSysdef

 #14108  by dumb110
 Wed Jun 20, 2012 6:33 am
SHA256: cf6f26dfa8c1faa7828280f682fa9a04d363bec9b2bff81e8c7558a4046a783a File name: AKD-243821.pdf.exe Detection ratio: 1 / 42

Sample please! :lol:

Re: Malware Requests, part 2

 #14109  by Xylitol
 Wed Jun 20, 2012 6:48 am
dumb110 wrote:SHA256: cf6f26dfa8c1faa7828280f682fa9a04d363bec9b2bff81e8c7558a4046a783a File name: AKD-243821.pdf.exe Detection ratio: 1 / 42

Sample please! :lol:
Attachments
infected
(779.41 KiB) Downloaded 92 times

Re: Malware Requests, part 2

 #14113  by Xylitol
 Wed Jun 20, 2012 9:44 am
dumb110 wrote:https://www.virustotal.com/file/1170946 ... 340183665/
https://www.virustotal.com/file/b25cc31 ... 340184202/

samples please :lol:
Attachments
infected
(333.21 KiB) Downloaded 79 times
infected
(328.17 KiB) Downloaded 80 times
 Topic locked
  • 1
  • 21
  • 22
  • 23
  • 24
  • 25
  • 46
 Return to “Malware”