KernelMode.info

Hi,

Looking Trojan.Prinimalka sample for research, please find details below.

File MD5: 09F75A3FCAEB2C46DD67B666A109D844
File SHA-1: 82299834EA7D733BBDE268F12E131E1C2E9686E2
Filesize: 157,184 bytes

following Mutex object was created:

sdfsdfsdfsdfsfsdfsdfsdfsdfsdf

following URLs was then requested from the remote web server:

http://93.115.241.114/system/prinimalka ... c=00000000
http://93.115.241.114/system/prinimalka ... =127.0.0.1

Reference Link:
http://www.threatexpert.com/report.aspx ... 66a109d844
http://ddos.arbornetworks.com/2012/10/t ... nd-pieces/

Thanks,

KTX

kalptarunet wrote:Hi,

Looking Trojan.Prinimalka sample for research, please find details below.

File MD5: 09F75A3FCAEB2C46DD67B666A109D844
File SHA-1: 82299834EA7D733BBDE268F12E131E1C2E9686E2
Filesize: 157,184 bytes

following Mutex object was created:

sdfsdfsdfsdfsfsdfsdfsdfsdfsdf

following URLs was then requested from the remote web server:

http://93.115.241.114/system/prinimalka ... c=00000000
http://93.115.241.114/system/prinimalka ... =127.0.0.1

Reference Link:
http://www.threatexpert.com/report.aspx ... 66a109d844
http://ddos.arbornetworks.com/2012/10/t ... nd-pieces/

Thanks,

KTX

>> http://www.kernelmode.info/forum/viewto ... =16&t=1894
be7dd5fde86860657e1fc514267fd5f06cab1bfaaeefeceb724c0921c68e612f on files.zip