I think its an trojan, if not feel free to delete this topic
http://www.virustotal.com/file-scan/rep ... 1291547386
http://www.virustotal.com/file-scan/rep ... 1291547386
Attachments
(83.76 KiB) Downloaded 86 times
A forum for reverse engineering, OS internals and malware analysis
kernel32.dll Urlmon.dll Shell32.dll GetProcAddress URLDownloadToFileA ShellExecuteA \Microsoft\ UPCOMP||*|| open
PING||*||
UDPStart||*||
DOWNCOMP||*||
IDLE||*||
USB||*||Infected Drive
FOX||*||
PONG||*||
SYNStart||*||
firstconnect||*||
:\autorun.inf [autorun]
shell=verb
open=
action=Open folder to view files shell\open=Open icon=%SystemRoot%\system32\SHELL32.dll,4
ddoser
_x_X_PASSWORDLIST_X_x_
_x_X_UPDATE_X_x_
_x_X_BLOCKMOUSE_X_x_
markusg wrote:next one:Real size is about 80 Kb. Found nothing except funny PDB string.
http://www.virustotal.com/file-scan/rep ... 1291631825
C:\Users\sherry\documents\visual studio 2010\Projects\CrackerJack\CrackerJack\obj\x86\Release\CrackerJack.pdb