Rootkit ZeroAccess (alias MaxPlus, Sirefef) - Page 31

Re: Rootkit ZeroAccess (alias Max++, Sirefef)

#12950 by thisisu
Sun Apr 29, 2012 10:28 pm

MD5: 1441c7ad5caca7b26c3e23684c0ec88c
https://www.virustotal.com/file/15064b1 ... /analysis/
Oak Technology Inc. .DLLs

Attachments

1441c7ad5caca7b26c3e23684c0ec88c.zip

pass: infected
(165.76 KiB) Downloaded 64 times

Username

thisisu

Posts

362

Joined

Sun Feb 26, 2012 8:57 am

Contact

Re: Rootkit ZeroAccess (alias Max++, Sirefef)

#12965 by thisisu
Tue May 01, 2012 3:50 am

MD5: fde386f0018d598b726a00bdec63f7d2
https://www.virustotal.com/file/0c37d53 ... /analysis/
Oak Technology Inc. .DLLs

Attachments

fde386f0018d598b726a00bdec63f7d2.zip

pass: infected
(164.24 KiB) Downloaded 53 times

Username

thisisu

Posts

362

Joined

Sun Feb 26, 2012 8:57 am

Contact

Re: Rootkit ZeroAccess (alias Max++, Sirefef)

#12966 by thisisu
Tue May 01, 2012 4:00 am

MD5: bda5cb134a5915804a8f1bec95f54503
https://www.virustotal.com/file/d6d5f72 ... /analysis/
Oak Technology Inc. .DLLs

Attachments

play_video_click_run.zip

pass: infected
(163.96 KiB) Downloaded 66 times

Username

thisisu

Posts

362

Joined

Sun Feb 26, 2012 8:57 am

Contact

Re: Rootkit ZeroAccess (alias Max++, Sirefef)

#12969 by rkhunter
Tue May 01, 2012 8:25 am

ZeroAccess research by McAfee http://blogs.mcafee.com/mcafee-labs/tar ... illes-heel

Username

rkhunter

Posts

1156

Joined

Mon Mar 15, 2010 12:51 pm

Location

Russian Federation

Contact

Re: Rootkit ZeroAccess (alias Max++, Sirefef)

#12970 by R136a1
Tue May 01, 2012 8:58 am

Malware Analysis: Encrypted p2p C&C Botnet – ZeroAccess/Sirefef
http://www.kindsight.net/en/blog/2012/0 ... esssirefef

Kindsight Malware Analysis - ZeroAcess-Botnet
https://www.kindsight.net/sites/default ... -final.pdf

Interesting information when considering a botnet takedown.

Malware Reversing
http://www.malware-reversing.com