A forum for reverse engineering, OS internals and malware analysis 

Forum for analysis and discussion about malware.
 #20219  by Win32:Virut
 Fri Jul 26, 2013 11:38 am
FUD

SHA256: 5058a0a92db56c4fed278a916bac86dc2da6157c831be29e50ecaca559cc6b17
SHA1: 6cf8aa35312abbe80dd1045c4eda8d1f5f045e31
MD5: 8edb22f4b7ef42b4ef4a319a81343743
File size: 104.0 KB ( 106496 bytes )
File name: 68.exe
Detection ratio: 0 / 46
https://www.virustotal.com/en/file/5058 ... /analysis/

SHA256: 6d0b49e40d2742b4697a428f8b042eba564fe9f535cca3aa00ab37b87ee20655
SHA1: 3a2c0c0e44a1a840d02294b3db2f374586c77368
MD5: 7e58997921ca3a43d9ac4324dd3dbb7c
File size: 104.0 KB ( 106496 bytes )
File name: 58.exe
Detection ratio: 0 / 46
https://www.virustotal.com/en/file/6d0b ... /analysis/

SHA256: 6c87fdfd6e83c2a9ec8541e8a24a606d1397d7ccf2470c4581038b50925363ee
SHA1: 5388b254bbc17a4a87d5f5e59d1aa521c4b68f2e
MD5: 316aec764f80749998b23d99262dd34d
File size: 104.0 KB ( 106496 bytes )
File name: 26.exe
Detection ratio: 0 / 46
https://www.virustotal.com/en/file/6c87 ... /analysis/
Attachments
(140.52 KiB) Downloaded 67 times
 #20222  by Win32:Virut
 Fri Jul 26, 2013 12:50 pm
_http://slimxxxtubevdn.ddns.name/2013/animal-sex-free.avi.exe
_http://slimxxxtubeejs.ddns.name/2013/dog_sex_first_time.avi.exe
_http://slimxxxtubekrn.ddns.name/2013/free-animal-porn-video.avi.exe
_http://slimxxxtubeull.dnset.com/2013/free-animal-porn-video.avi.exe
_http://slimxxxtubewfl.ddns.name/2013/free-animal-porn-video.avi.exe
_http://slimxxxtubekgv.ddns.name/2013/free-animal-porn-video.avi.exe
_http://slimxxxtubexwb.dnset.com/2013/free-animal-porn-video.avi.exe
_http://slimxxxtubelap.ddns.name/2013/free-animal-porn-video.avi.exe
_http://slimxxxtubekgv.ddns.name/2013/girl-fucked-by-dog.avi.exe
_http://streamblowjobpimpmaturetube.de/30/movie1080p.mkv.exe
_http://slimxxxtubefel.ddns.name/2013/free-animal-porn-video.avi.exe
_http://tube8vidsjtq.ddns.name/2013/free-animal-porn-video.avi.exe
_http://slimxxxtubejie.dnset.com/2013/free-animal-porn-video.avi.exe
_http://tube8vidsdob.dnset.com/2013/free-animal-porn-video.avi.exe
_http://tube8vidshhr.ddns.name/2013/girl-fucked-by-dog.avi.exe
_http://tube8vidsnlq.dnset.com/2013/zoo-sex-episode-5.avi.exe
_http://tube8vidsotz.dnset.com/2013/free-animal-porn-video.avi.exe
_http://slimxxxtubevdn.ddns.name/2013/hardcore-animal-sex-video.avi.exe
_http://slimxxxtubeejs.ddns.name/2013/zoo-sex-episode-5.avi.exe
_http://slimxxxtubeqve.dnset.com/2013/zoo-sex-episode-5.avi.exe
_http://tube8vidsiww.ddns.name/2013/dog_sex_first_time.avi.exe
_http://tube8vidsxpg.ddns.name/2013/girl-fucked-by-dog.avi.exe
_http://tube8vidsxhx.dnset.com/2013/dog_sex_first_time.avi.exe
_http://tube8vidszso.dnset.com/2013/horse_sex_video.avi.exe
_http://tube8vidsbbr.dnset.com/2013/zoo-sex-episode-5.avi.exe
_http://tube8vidsbzx.dnset.com/2013/horse_sex_video.avi.exe
_http://tube8vidsrau.dnset.com/2013/horse_sex_video.avi.exe
_http://tube8vidsrau.dnset.com/2013/zoo-sex-episode-5.avi.exe
_http://tube8vidsrjm.ddns.name/2013/zoo-sex-episode-5.avi.exe
_http://tube8vidszmi.ddns.name/2013/dog_sex_first_time.avi.exe
_http://tube8vidsjtq.ddns.name/2013/FlashPlayer_11_7_update_for_Win.exe
_http://tube8vidsbfr.ddns.name/2013/zoo-sex-episode-5.avi.exe
_http://tube8vidsbfr.ddns.name/2013/horse_sex_video.avi.exe
_http://tube8vidsznj.ddns.name/2013/hardcore-animal-sex-video.avi.exe
_http://tube8vidssrq.ddns.name/2013/horse_sex_video.avi.exe
_http://tube8vidselw.ddns.name/2013/zoo-sex-episode-5.avi.exe
_http://tube8vidscwg.dnset.com/2013/animal-sex-free.avi.exe
_http://tube8vidslus.dnset.com/2013/zoo-sex-episode-5.avi.exe
_http://tube8vidsyzd.ddns.name/2013/dog_sex_first_time.avi.exe
 #20367  by Win32:Virut
 Sat Aug 03, 2013 7:36 pm
Detected only by Kaspersky and Symantec.

SHA256: 78d2f25dc0bb2bae849f5891173fbf1855245b1d57dd09d0219a2fe35cd0af3a
SHA1: 9d76a2a1fd14f08efd086a129c358d1c9af0a796
MD5: 517e0eb96ab03b3e6752e720cb4b1606
File size: 95.5 KB ( 97792 bytes )
File name: movie1080p.mkv.exe
Detection ratio: 2 / 46
Analysis date: 2013-08-03 19:34:42 UTC ( 0 minutes ago )
https://www.virustotal.com/en/file/78d2 ... 375558482/
Attachments
(57.71 KiB) Downloaded 106 times
 #20513  by Evilcry
 Sat Aug 17, 2013 3:10 pm
SHA256: cd3620edf22450be66127d647ecebad06de972a2a542c2780212f46480cc8139
SHA1: edf7b757c4ca2c7f63fba6beece763c345f03ca5
MD5: efc786adda00b8117a178527f88c3d44
File size: 86.5 KB ( 88576 bytes )
File name: movie1080p.mkv.exe
File type: Win32 EXE
Detection ratio: 3 / 46
Analysis date: 2013-08-17 13:37:06 UTC

https://www.virustotal.com/en/file/cd36 ... 376746626/
Attachments
Password: infected
(60.78 KiB) Downloaded 79 times
 #20529  by N3mes1s
 Mon Aug 19, 2013 7:47 am
SHA256: 18babdfb7f6be5d0bcc7da82b2ae84f19543236fba3befa1ea5daeb74286f379
SHA1: 0b3df817f730659d8bbfdf1b6cb965196e68d0ca
MD5: 0d70263ce9f1f9786974b16a75aaadb9
File size: 115.0 KB ( 117760 bytes )
File name: movie1080p.mkv.exe
File type: Win32 EXE
Detection ratio: 2 / 46
Analysis date: 2013-08-19 07:39:54 UTC

https://www.virustotal.com/en/file/18ba ... 376897994/

http://urlquery.net/search.php?q=movie1 ... -19&max=50
Attachments
Password: infected
(59.42 KiB) Downloaded 70 times
 #20559  by Evilcry
 Thu Aug 22, 2013 7:07 am
SHA256: 49d5aedce06aace5541dfc295fdac86366e5375764040129ac0e831a674f0774
SHA1: 2bcb770dc1089eb42cba5a21ffcba0fd2c7eec2b
MD5: 12b1cd37647ff7a02d372b8af62854b6
File size: 104.5 KB ( 107008 bytes )
File name: movie1080p.mkv.exe
File type: Win32 EXE
Detection ratio: 3 / 46

https://www.virustotal.com/en/file/49d5 ... 377154757/
Attachments
Password: infected
(60.13 KiB) Downloaded 75 times
 #20638  by Cody Johnston
 Thu Aug 29, 2013 6:49 pm
Grabbed this sample today:

Image

Archive includes images from Windows\Temp folder for UI as well as packed samples:

SHA256: 11ff81066796f5d6a2988dffd683e6ab76b84049a2cbe284b053a8f120012762
SHA1: df52d50dc9cccbf7679a2bdfe18596f92523c1d0
MD5: 4ad230aa5eea88ed96c885353336392c
File size: 96.0 KB ( 98304 bytes )
File name: 136828.exe
File type: Win32 EXE
Detection ratio: 5 / 46
Attachments
Password: infected
(1.19 MiB) Downloaded 91 times
  • 1
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9