Win32/Rortiem.A

#14199 by R136a1
Sat Jun 23, 2012 4:58 pm

If somebody has the following sample, please upload.

MD5: cf446e1d423afb9933b211d28d3ea33a

Malware Reversing
http://www.malware-reversing.com

Username

R136a1

Rank

Forum Admin

Posts

272

Joined

Wed Jul 13, 2011 4:30 pm

Location

Netherlands

Re: Malware Requests, part 2

#14201 by Xylitol
Sat Jun 23, 2012 5:59 pm

R136a1 wrote:If somebody has the following sample, please upload.

MD5: cf446e1d423afb9933b211d28d3ea33a

Attachments

2aa35ae062f83248585b924dd668ed0a1a3089550a772900789b0feba1a923bb.zip

infected
(60.09 KiB) Downloaded 71 times

Registration Problems and FAQ - Rules For Malware Requests

Username

Xylitol

Rank

Global Moderator

Posts

1706

Joined

Sat Apr 10, 2010 5:54 pm

Location

Seireitei, Soul Society

Contact

Re: Malware Requests, part 2

#14202 by rkhunter
Sat Jun 23, 2012 6:35 pm

Xylitol wrote:
R136a1 wrote:If somebody has the following sample, please upload.

MD5: cf446e1d423afb9933b211d28d3ea33a

Interesting, rootkit. Can anyone attach dropped driver?

Username

rkhunter

Posts

1156

Joined

Mon Mar 15, 2010 12:51 pm

Location

Russian Federation

Contact

Re: Malware Requests, part 2

#14205 by R136a1
Sat Jun 23, 2012 6:59 pm

rkhunter wrote:
Xylitol wrote:
R136a1 wrote:If somebody has the following sample, please upload.

MD5: cf446e1d423afb9933b211d28d3ea33a
Interesting, rootkit. Can anyone attach dropped driver?

Driver attached, please keep me up to date about any discoveries.

At first glance the file is just a dropper/loader for the driver and does nothing else. More to come...

Attachments

driver.zip

PW: infected
(36.14 KiB) Downloaded 60 times

Malware Reversing
http://www.malware-reversing.com

Username

R136a1

Rank

Forum Admin

Posts

272

Joined

Wed Jul 13, 2011 4:30 pm

Location

Netherlands