ACAD/Medre.A a worm that steals AutoCAD drawings

#14308 by mikeinhouston
Tue Jun 26, 2012 10:54 pm

I found this article http://www.esecurityplanet.com/malware/ ... lware.html
about a worm that steals AutoCad drawings and sends them to China (among other things).

I searched VirusTotal for ACAD/Medre.A and did not see any hits. Is anyone familiar with this?

If this is industrial espionage from China it would be prudent to get familiar with it and how it works.

I'm looking for a sample. If anyone has one, can you provide a sample?

Username

mikeinhouston

Posts

5

Joined

Wed May 30, 2012 3:42 pm

Re: ACAD/Medre.A a worm that steals AutoCAD drawings

#14310 by EP_X0FF
Wed Jun 27, 2012 3:39 am

This is Worm:ALisp/Blemfox.A

https://www.virustotal.com/file/7c48914 ... /analysis/

Ring0 - the source of inspiration

Username

EP_X0FF

Rank

Global Moderator

Posts

4947

Joined

Sun Mar 07, 2010 5:35 am

Location

Russian Federation

Contact

Re: ACAD/Medre.A a worm that steals AutoCAD drawings

#14311 by hnpl2011
Wed Jun 27, 2012 4:52 am

mikeinhouston wrote:I found this article http://www.esecurityplanet.com/malware/ ... lware.html
about a worm that steals AutoCad drawings and sends them to China (among other things).

I searched VirusTotal for ACAD/Medre.A and did not see any hits. Is anyone familiar with this?

If this is industrial espionage from China it would be prudent to get familiar with it and how it works.

I'm looking for a sample. If anyone has one, can you provide a sample?

http://www.kernelmode.info/forum/viewto ... =40#p14154

Username

hnpl2011

Posts

48

Joined

Mon Jan 24, 2011 8:53 am