[rkhunter]

SHA1: 799b13fc163c040b224410f8d69c5efbd1bee9fe
MD5: 1db68c69d45d240d7efc9e3997003845

One more dropper with payload in attach.

[thisisu]

http://kb.eset.com/esetkb/index?page=co ... d=SOLN2895

Has anyone tested this out?

[SecConnex]

I don't know about the Sirefef tool against the latest. I do know the Services tool helps repair broken/damaged Services, as I just used it recently. I actually used it for somebody whose install of ESET products was not allowing updates. After the Service Repair Tool, ESET software functioned.

[rkhunter]

Just another dropper with very low detection.

SHA1: df9a0c0ead154fcdd07bf33b86451a1179e1a205
MD5: dd1945d47648704fe730ad7d554a6693

2 / 42 https://www.virustotal.com/file/3effdd9 ... /analysis/

[dumb110]

4 more droppers...quite new..

[rkhunter]

MD5: 44db432f1a161bec1a329ded1997b7f8
SHA1: 5c4502414d91fe7c42796dec27d5dd08b8b1fa2b

[dumb110]

SHA1:0e4a18c535452158d24dcd714a898e9acb9ebd11
MD5: fb58aa523e31161b7c2654b31eb62076

Brand new! https://www.virustotal.com/file/3a5c7a4 ... /analysis/

0/42... http://anubis.iseclab.org/?action=resul ... ormat=html

[dumb110]

https://www.virustotal.com/file/beeda9d ... /analysis/
attached...

[EP_X0FF]

SHA1:0e4a18c535452158d24dcd714a898e9acb9ebd11
MD5: fb58aa523e31161b7c2654b31eb62076

Brand new! https://www.virustotal.com/file/3a5c7a4 ... /analysis/

0/42... http://anubis.iseclab.org/?action=resul ... ormat=html

It isn't new, simple crypter refined. Actually most components are the same, some dated back to beginning of July.

[EP_X0FF]

https://www.virustotal.com/file/beeda9d ... /analysis/
attached...

Not password protected - removed and reuploaded in combined archive (inside your original dropper, decrypted dropper and all extracted payload files). Current Sirefef updates only addressing detection of p2p.32.dll (n32) as most detected component after dropper itself.