Jump to content

Malwarebytes

A Few Trojans

Started by Jaxryley, Mar 11 2009 05:27 AM

103 replies to this topic

#1
Jaxryley
Posted 11 March 2009 - 05:27 AM

    Forum Deity

  • Malware Hunters
  • PipPipPipPipPipPip
  • 6,718 posts
  • Gender:Male
  • Location:West Aussie
  • Interests:Gardening and computers.
None hit by MBAM, some well known over at VT others not.

Coupla samples.

Quote

File G5.exe received on 03.11.2009 11:16:23 (CET)
Current status: finished
Result: 13/39 (33.33%)
Virus Total
File size: 18432 bytes

---------------------------------------------------------------

Quote

File G4.exe received on 03.11.2009 11:16:17 (CET)
Current status: finished
Result: 17/39 (43.59%)
Virus Total
File size: 17920 bytes

----------------------------------------------------------------
hxxp://u8.1369zz.com/sb/niu.exe
hxxp://u8.1369zz.com/sb/kill.exe
hxxp://u8.1369zz.com/la/L1.exe
hxxp://u8.1369zz.com/la/L2.exe
hxxp://u2.1369zz.com/gb/G1.exe
hxxp://u2.1369zz.com/gb/G5.exe
hxxp://u2.1369zz.com/lm/S10.exe
hxxp://u2.1369zz.com/lm/S8.exe
hxxp://u2.1369zz.com/lm/S1.exe
hxxp://u8.1369zz.com/la/L4.exe
hxxp://u8.1369zz.com/la/L3.exe
hxxp://u2.1369zz.com/gb/G2.exe
hxxp://u2.1369zz.com/lm/S2.exe
hxxp://u2.1369zz.com/lm/S6.exe
hxxp://u2.1369zz.com/lm/S15.exe
hxxp://u2.1369zz.com/lm/S3.exe
hxxp://u9.1369zz.com/cj/1a.exe
hxxp://u8.1369zz.com/la/L17.exe
hxxp://u8.1369zz.com/la/L6.exe
hxxp://u2.1369zz.com/gb/G4.exe

-------------------------------------------------------------------------------
All of em:
hxxp://rapidshare.com/files/207884138/U1-2_Site_Exes.zip.html

#2
Jaxryley
Posted 11 March 2009 - 07:24 AM

    Forum Deity

  • Malware Hunters
  • PipPipPipPipPipPip
  • 6,718 posts
  • Gender:Male
  • Location:West Aussie
  • Interests:Gardening and computers.
Some more trojans not hit.

Quote

File dnf0303.exe received on 03.11.2009 13:07:55 (CET)
Current status: finished
Result: 15/39 (38.46%)
Virus Total
File size: 18944 bytes

-------------------------------------------------------------

Quote

File jxsj-0217.exe received on 03.11.2009 13:08:00 (CET)
Current status: finished
Result: 20/39 (51.28%)
Virus Total
File size: 16384 bytes


hxxp://b.xxoozjz.com:56868/xz/wd0213.exe
hxxp://b.xxoozjz.com:56868/xz/dnf0303.exe
hxxp://b.xxoozjz.com:56868/xz/jxsj-0217.exe
hxxp://b.xxoozjz.com:56868/xz/dh20213.exe
hxxp://b.xxoozjz.com:56868/xz/zx0213.exe
hxxp://b.xxoozjz.com:56868/xz/zt-0218.exe
hxxp://b.xxoozjz.com:56868/xz/wow-0225.exe
hxxp://b.xxoozjz.com:56868/xz/my-0217.exe
hxxp://b.xxoozjz.com:56868/xz/mhuan-0221.exe
hxxp://b.xxoozjz.com:56868/xz/qqhx-0225.exe
hxxp://b.xxoozjz.com:56868/xz/wz-0219.exe
hxxp://b.xxoozjz.com:56868/xz/rxcq-0221.exe
hxxp://b.xxoozjz.com:56868/xz/wmgj-0221.exe
hxxp://b.xxoozjz.com:56868/xz/qqxx-0225.exe
hxxp://b.xxoozjz.com:56868/xz/qqsg-0309.exe
hxxp://b.xxoozjz.com:56868/xz/jh-0226.exe
hxxp://b.xxoozjz.com:56868/xz/dj-0225.exe
hxxp://b.xxoozjz.com:56868/xz/tl-0228.exe
hxxp://b.xxoozjz.com:56868/xz/cb-0305.exe

-------------------------------------------------------------
All of em:
hxxp://rapidshare.com/files/207920871/XXOOZ_exes.zip.html

#3
Jaxryley
Posted 12 March 2009 - 02:54 AM

    Forum Deity

  • Malware Hunters
  • PipPipPipPipPipPip
  • 6,718 posts
  • Gender:Male
  • Location:West Aussie
  • Interests:Gardening and computers.
Only 10.exe getting hit.

Sample:

Quote

File 2.exe received on 03.12.2009 08:39:44 (CET)
Current status: finished
Result: 17/39 (43.59%)
Virus Total

hxxp://f.wuc8.com/dd/1.exe
hxxp://f.wuc8.com/dd/2.exe
hxxp://f.wuc8.com/dd/6.exe
hxxp://f.wuc8.com/dd/9.exe
hxxp://f.wuc8.com/dd/10.exe
hxxp://don.b1du.net/down/gbwd.exe
hxxp://don.b1du.net/down/gbdnf.exe
hxxp://don.b1du.net/down/gbqqhx.exe
hxxp://don.b1du.net/down/gbwl.exe
hxxp://don.b1du.net/down/gbdj.exe
hxxp://don.b1du.net/down/gbdh2.exe
hxxp://don.b1du.net/down/gbrxcq.exe
hxxp://don.b1du.net/down/gbmy.exe
hxxp://don.b1du.net/down/gbrxjh.exe
hxxp://don.b1du.net/down/gbwmgj.exe
hxxp://don.b1du.net/down/gbzt.exe
hxxp://don.b1du.net/down/gbjxsj.exe
hxxp://don.b1du.net/down/hmtlbb.exe
hxxp://don.b1du.net/down/hmmh.exe
hxxp://don.b1du.net/down/gbcqwz.exe

-------------------------------------------------------------
All of em:
hxxp://rapidshare.com/files/208247756/HXXP_DON.zip.html

#4
Jaxryley
Posted 16 March 2009 - 04:32 AM

    Forum Deity

  • Malware Hunters
  • PipPipPipPipPipPip
  • 6,718 posts
  • Gender:Male
  • Location:West Aussie
  • Interests:Gardening and computers.
None hit by MBAM.
hxxp://baidusab.cn/22/0.exe
hxxp://baidusab.cn/22/1.exe
hxxp://baidusab.cn/22/2.exe
hxxp://baidusab.cn/22/3.exe
hxxp://baidusab.cn/22/4.exe
hxxp://baidusab.cn/22/5.exe
hxxp://baidusab.cn/22/6.exe
hxxp://baidusab.cn/22/7.exe
hxxp://baidusab.cn/22/8.exe
hxxp://baidusab.cn/22/9.exe
hxxp://baidusab.cn/22/10.exe
hxxp://baidusab.cn/22/11.exe
hxxp://baidusab.cn/22/12.exe
hxxp://baidusab.cn/22/13.exe
hxxp://baidusab.cn/22/14.exe
hxxp://baidusab.cn/22/15.exe
hxxp://baidusab.cn/22/16.exe
hxxp://baidusab.cn/22/17.exe
hxxp://baidusab.cn/22/19.exe
hxxp://baidusab.cn/22/20.exe

Sample:

Quote

File 0.exe received on 03.16.2009 10:14:47 (CET)
Current status: finished
Result: 21/39 (53.85%)
Virus Total

All of em:
hxxp://rapidshare.com/files/209808743/0-20_exes.zip.html

#5
Jaxryley
Posted 18 March 2009 - 07:11 AM

    Forum Deity

  • Malware Hunters
  • PipPipPipPipPipPip
  • 6,718 posts
  • Gender:Male
  • Location:West Aussie
  • Interests:Gardening and computers.
Only horsedxc.exe hit by MBAM.
hxxp://www.rhgfee.cn/c/kjhgjh.exe
hxxp://www.rhgfee.cn/c/DH.exe
hxxp://www.rhgfee.cn/c/setup_1027299.exe
hxxp://www.rhgfee.cn/c/1201.exe
hxxp://www.rhgfee.cn/c/555.exe
hxxp://www.rhgfee.cn/c/1155.exe
hxxp://www.rhgfee.cn/c/msn080.exe
hxxp://www.rhgfee.cn/y/horsems.exe
hxxp://www.rhgfee.cn/y/horsedxc.exe
hxxp://www.rhgfee.cn/y/horsemh.exe
hxxp://www.rhgfee.cn/y/horsetl.exe
hxxp://www.rhgfee.cn/y/horsejxsj.exe
hxxp://www.rhgfee.cn/y/horseqqhx.exe
hxxp://www.rhgfee.cn/y/horsezx.exe
hxxp://www.rhgfee.cn/y/horsewd.exe
hxxp://www.rhgfee.cn/y/horsecqwz.exe
hxxp://www.rhgfee.cn/y/horseqq.exe
hxxp://www.rhgfee.cn/y/horsemy.exe
hxxp://www.rhgfee.cn/y/horsewm.exe
hxxp://www.rhgfee.cn/y/horsexx.exe

Sample:

Quote

File DH.exe received on 03.18.2009 12:56:53 (CET)
Current status: finished
Result: 12/37 (32.43%)
Virus Total

All of em:
hxxp://rapidshare.com/files/210667958/rhgfee_trojans.zip.html

#6
Jaxryley
Posted 21 March 2009 - 02:52 AM

    Forum Deity

  • Malware Hunters
  • PipPipPipPipPipPip
  • 6,718 posts
  • Gender:Male
  • Location:West Aussie
  • Interests:Gardening and computers.
Only L17.exe hit.
hxxp://u8.dtw360.com/sb/ko.exe
hxxp://u1.dtw360.com/la/fm.exe
hxxp://u2.dtw360.com/gb/B1.exe
hxxp://u2.dtw360.com/gb/B2.exe
hxxp://u1.dtw360.com/la/L1.exe
hxxp://u1.dtw360.com/la/L3.exe
hxxp://u1.dtw360.com/la/L4.exe
hxxp://u1.dtw360.com/la/L2.exe
hxxp://u2.dtw360.com/gz/G3.exe
hxxp://u2.dtw360.com/gz/G10.exe
hxxp://u2.dtw360.com/gz/G1.exe
hxxp://u2.dtw360.com/gz/G15.exe
hxxp://u2.dtw360.com/gz/G4.exe
hxxp://u2.dtw360.com/gz/G31.exe
hxxp://u2.dtw360.com/gz/G32.exe
hxxp://u2.dtw360.com/gz/G14.exe
hxxp://u2.dtw360.com/gz/G9.exe
hxxp://u9.dtw360.com/cj/1a.exe
hxxp://u1.dtw360.com/la/L17.exe
hxxp://u1.dtw360.com/la/L6.exe

Sample:

Quote

File ko.exe received on 03.21.2009 08:38:11 (CET)
Current status: finished
Result: 28/39 (71.79%)
Virus Total

All of em:
hxxp://rapidshare.com/files/211704606/dtw360-com.zip.html

#7
Lorne
Posted 21 March 2009 - 03:10 PM

    New Member

  • Members
  • Pip
  • 2 posts
Awesome list! Thanks!

#8
Jaxryley
Posted 23 March 2009 - 11:48 PM

    Forum Deity

  • Malware Hunters
  • PipPipPipPipPipPip
  • 6,718 posts
  • Gender:Male
  • Location:West Aussie
  • Interests:Gardening and computers.
Not hitting 2, 10, 11, 12, 16, 17, 20
hxxp://a.baidu-6661.com:6135/axszl123sd/newads01.exe
hxxp://a.baidu-6661.com:6135/axszl123sd/newads02.exe
hxxp://a.baidu-6661.com:6135/axszl123sd/newads03.exe
hxxp://a.baidu-6661.com:6135/axszl123sd/newads04.exe
hxxp://a.baidu-6661.com:6135/axszl123sd/newads05.exe
hxxp://a.baidu-6661.com:6135/axszl123sd/newads06.exe
hxxp://a.baidu-6661.com:6135/axszl123sd/newads07.exe
hxxp://a.baidu-6661.com:6135/axszl123sd/newads08.exe
hxxp://a.baidu-6661.com:6135/axszl123sd/newads13.exe
hxxp://a.baidu-6661.com:6135/axszl123sd/newads10.exe
hxxp://a.baidu-6661.com:6135/axszl123sd/newads11.exe
hxxp://a.baidu-6661.com:6135/axszl123sd/newads12.exe
hxxp://a.baidu-6661.com:6135/axszl123sd/newads09.exe
hxxp://a.baidu-6661.com:6135/axszl123sd/newads14.exe
hxxp://a.baidu-6661.com:6135/axszl123sd/newads15.exe
hxxp://a.baidu-6661.com:6135/axszl123sd/newads16.exe
hxxp://a.baidu-6661.com:6135/axszl123sd/newads17.exe
hxxp://a.baidu-6661.com:6135/axszl123sd/newads18.exe
hxxp://a.baidu-6661.com:6135/axszl123sd/newads19.exe
hxxp://a.baidu-6661.com:6135/axszl123sd/newads20.exe

All of em:
hxxp://rapidshare.com/files/212827414/Newads_1-20.zip.html

#9
Jaxryley
Posted 24 March 2009 - 05:45 AM

    Forum Deity

  • Malware Hunters
  • PipPipPipPipPipPip
  • 6,718 posts
  • Gender:Male
  • Location:West Aussie
  • Interests:Gardening and computers.
Only 10.exe hit.
hxxp://g.wuc8.com/dd/1.exe
hxxp://g.wuc8.com/dd/2.exe
hxxp://g.wuc8.com/dd/6.exe
hxxp://g.wuc8.com/dd/9.exe
hxxp://g.wuc8.com/dd/10.exe

All of em:
hxxp://rapidshare.com/files/212902387/wuc8_sites.zip.html

#10
Jaxryley
Posted 30 March 2009 - 01:03 AM

    Forum Deity

  • Malware Hunters
  • PipPipPipPipPipPip
  • 6,718 posts
  • Gender:Male
  • Location:West Aussie
  • Interests:Gardening and computers.
Mbam is hitting 8 of these:

hxxp://125.64.40.244/qq01/wmwmwm.exe
hxxp://125.64.40.244/qq01/wwow.exe
hxxp://125.64.40.244/qq01/wwd.exe
hxxp://125.64.40.244/qq01/wdnf.exe
hxxp://125.64.40.244/qq01/wjxsj.exe
hxxp://125.64.40.244/qq01/wzyhx.exe
hxxp://125.64.40.244/qq01/wzt.exe
hxxp://125.64.40.244/qq01/wmy.exe
hxxp://125.64.40.244/qq01/wmhuan.exe
hxxp://125.64.40.244/qq01/wqqxx.exe
hxxp://125.64.40.244/qq01/wqqsg.exe
hxxp://125.64.40.244/qq01/wqqhx.exe
hxxp://125.64.40.244/qq01/wwmgj.exe
hxxp://125.64.40.244/qq01/wtl.exe
hxxp://125.64.40.244/qq01/wjr.exe
hxxp://125.64.40.244/qq01/wcb.exe
hxxp://125.64.40.244/qq01/wcs.exe
hxxp://125.64.40.244/qq01/wrxcq.exe

All of em:
hxxp://rapidshare.com/files/215206528/W_-_Trojans.zip.html

#11
Jaxryley
Posted 30 March 2009 - 01:33 AM

    Forum Deity

  • Malware Hunters
  • PipPipPipPipPipPip
  • 6,718 posts
  • Gender:Male
  • Location:West Aussie
  • Interests:Gardening and computers.
Only tira.jpg getting hit:

hxxp://patinho10.007gb.com/grdbn.jpg
hxxp://patinho10.007gb.com/uhosts.jpg
hxxp://patinho10.007gb.com/wte383.jpg
hxxp://patinho10.007gb.com/tira.jpg
hxxp://patinho10.007gb.com/tiratxt.jpg
hxxp://patinho10.007gb.com/tiracmd.jpg
hxxp://patinho10.007gb.com/helpsystemtira.jpg

All of em:
hxxp://rapidshare.com/files/215211820/Trojans_JPG.zip.html

#12
Jaxryley
Posted 30 March 2009 - 02:19 AM

    Forum Deity

  • Malware Hunters
  • PipPipPipPipPipPip
  • 6,718 posts
  • Gender:Male
  • Location:West Aussie
  • Interests:Gardening and computers.
Several misses below:

hxxp://122.224.4.72/img/1.exe
hxxp://122.224.4.72/img/2.exe
hxxp://122.224.4.72/img/wow.exe
hxxp://122.224.4.72/img/3.exe
hxxp://122.224.4.72/img/4.exe
hxxp://122.224.4.72/img/5.exe
hxxp://122.224.4.72/img/6.exe
hxxp://122.224.4.72/img/7.exe
hxxp://122.224.4.72/img/8.exe
hxxp://122.224.4.72/img/9.exe
hxxp://122.224.4.72/img/10.exe
hxxp://122.224.4.72/img/11.exe
hxxp://122.224.4.72/img/12.exe
hxxp://122.224.4.72/img/13.exe
hxxp://122.224.4.72/img/14.exe
hxxp://122.224.4.72/img/15.exe
hxxp://122.224.4.72/img/16.exe
hxxp://122.224.4.72/img/17.exe
hxxp://122.224.4.72/img/18.exe
hxxp://122.224.4.72/img/19.exe
hxxp://122.224.4.72/img/20.exe
hxxp://122.224.4.72/img/21.exe
hxxp://122.224.4.72/img/22.exe
hxxp://122.224.4.72/img/23.exe
hxxp://122.224.4.72/img/24.exe
hxxp://122.224.4.72/img/25.exe
hxxp://122.224.4.72/img/26.exe
hxxp://122.224.4.72/img/27.exe

All of em:
hxxp://rapidshare.com/files/215222115/Numbers_Trojans.zip.html

#13
Jaxryley
Posted 30 March 2009 - 08:21 PM

    Forum Deity

  • Malware Hunters
  • PipPipPipPipPipPip
  • 6,718 posts
  • Gender:Male
  • Location:West Aussie
  • Interests:Gardening and computers.
Not hit.
hxxp://u9.ggoovv.com/cj/csj.exe
hxxp://u9.ggoovv.com/cj/a8.exe
hxxp://u9.ggoovv.com/cj/q2.exe
hxxp://u9.ggoovv.com/cj/q1.exe

Quote

File csj.exe received on 03.31.2009 02:52:48 (CET)
Current status: finished
Result: 12/40 (30.00%)
Virus Total

All of em:
hxxp://rapidshare.com/files/215554929/ggoovv.zip.html

#14
Jaxryley
Posted 31 March 2009 - 04:11 AM

    Forum Deity

  • Malware Hunters
  • PipPipPipPipPipPip
  • 6,718 posts
  • Gender:Male
  • Location:West Aussie
  • Interests:Gardening and computers.
Only 24.exe getting hit.

hxxp://yygeiwofc.cn/77/1.exe
hxxp://yygeiwofc.cn/77/2.exe
hxxp://yygeiwofc.cn/77/3.exe
hxxp://yygeiwofc.cn/77/4.exe
hxxp://yygeiwofc.cn/77/5.exe
hxxp://yygeiwofc.cn/77/6.exe
hxxp://yygeiwofc.cn/77/7.exe
hxxp://yygeiwofc.cn/77/8.exe
hxxp://yygeiwofc.cn/77/10.exe
hxxp://yygeiwofc.cn/77/11.exe
hxxp://yygeiwofc.cn/77/12.exe
hxxp://yygeiwofc.cn/77/14.exe
hxxp://yygeiwofc.cn/77/15.exe
hxxp://yygeiwofc.cn/77/17.exe
hxxp://yygeiwofc.cn/77/20.exe
hxxp://yygeiwofc.cn/77/21.exe
hxxp://yygeiwofc.cn/77/77.exe
hxxp://yygeiwofc.cn/77/24.exe
hxxp://yygeiwofc.cn/77/26.exe
hxxp://yygeiwofc.cn/77/31.exe

Sample:

Quote

File 1.exe received on 03.31.2009 10:56:22 (CET)
Current status: finished
Result: 14/40 (35.00%)
Virus Total

All of em:
hxxp://rapidshare.com/files/215661738/Numbers_exe_Trojans.zip.html

#15
Jaxryley
Posted 31 March 2009 - 05:34 AM

    Forum Deity

  • Malware Hunters
  • PipPipPipPipPipPip
  • 6,718 posts
  • Gender:Male
  • Location:West Aussie
  • Interests:Gardening and computers.
1 to 14.exe, 18.exe and 51.dll getting hit but not the rest.

hxxp://121.12.104.205:66/q1q1mamaa/kill.exe
hxxp://121.12.104.205:66/q1q1mamaa/1.exe
hxxp://121.12.104.205:66/q1q1mamaa/2.exe
hxxp://121.12.104.205:66/q1q1mamaa/3.exe
hxxp://121.12.104.205:66/q1q1mamaa/4.exe
hxxp://121.12.104.205:66/q1q1mamaa/5.exe
hxxp://121.12.104.205:66/q1q1mamaa/6.exe
hxxp://121.12.104.205:66/q1q1mamaa/7.exe
hxxp://121.12.104.205:66/q1q1mamaa/8.exe
hxxp://121.12.104.205:66/q1q1mamaa/9.exe
hxxp://121.12.104.205:66/q1q1mamaa/10.exe
hxxp://121.12.104.205:66/q1q1mamaa/11.exe
hxxp://121.12.104.205:66/q1q1mamaa/12.exe
hxxp://121.12.104.205:66/q1q1mamaa/13.exe
hxxp://121.12.104.205:66/q1q1mamaa/14.exe
hxxp://121.12.104.205:66/q1q1mamaa/15.exe
hxxp://121.12.104.205:66/q1q1mamaa/16.exe
hxxp://121.12.104.205:66/q1q1mamaa/17.exe
hxxp://121.12.104.205:66/q1q1mamaa/18.exe
hxxp://121.12.104.205:66/q1q1mamaa/19.exe
hxxp://121.12.104.205/q1q1mamaa/20.exe
hxxp://121.12.104.205/q1q1mamaa/21.exe
hxxp://121.12.104.205/q1q1mamaa/22.exe
hxxp://121.12.104.205/q1q1mamaa/23.exe
hxxp://121.12.104.205/q1q1mamaa/24.exe
hxxp://121.12.104.205/q1q1mamaa/25.exe
hxxp://121.12.104.205/q1q1mamaa/26.exe
hxxp://121.12.104.205/q1q1mamaa/27.exe
hxxp://121.12.104.205/q1q1mamaa/28.exe
hxxp://121.12.104.205:66/q1q1mamaa/a.exe
hxxp://121.12.104.205:66/q1q1mamaa/b.exe
hxxp://121.12.104.205:66/q1q1mamaa/c.exe
hxxp://121.12.104.205:66/q1q1mamaa/d.exe
hxxp://121.12.104.205:66/q1q1mamaa/e.exe
hxxp://121.12.104.205:66/q1q1mamaa/f.exe
hxxp://121.12.104.205:66/q1q1mamaa/g.exe
hxxp://121.12.104.205:66/q1q1mamaa/h.exe
hxxp://121.12.104.205/q1q1mamaa/45.exe
hxxp://121.12.104.205/q1q1mamaa/46.dll
hxxp://121.12.104.205/q1q1mamaa/47.dll
hxxp://121.12.104.205/q1q1mamaa/48.dll
hxxp://121.12.104.205/q1q1mamaa/49.dll
hxxp://121.12.104.205/q1q1mamaa/51.dll
hxxp://121.12.104.205/q1q1mamaa/i.exe
hxxp://121.12.104.205/q1q1mamaa/j.exe
hxxp://121.12.104.205/q1q1mamaa/hun.dll

Sample:

Quote

File 52.dll received on 03.31.2009 12:07:27 (CET)
Current status: finished
Result: 15/38 (39.47%)
Virus Total

All of em:
hxxp://rapidshare.com/files/215685615/Mamaa_Trojans.zip.html

#16
Jaxryley
Posted 01 April 2009 - 05:34 AM

    Forum Deity

  • Malware Hunters
  • PipPipPipPipPipPip
  • 6,718 posts
  • Gender:Male
  • Location:West Aussie
  • Interests:Gardening and computers.
4 and 6.exe hit.

hxxp://hackdownload.cn/install/1.exe
hxxp://hackdownload.cn/install/2.exe
hxxp://hackdownload.cn/install/3.exe
hxxp://hackdownload.cn/install/4.exe
hxxp://hackdownload.cn/install/5.exe
hxxp://hackdownload.cn/install/6.exe

Sample:

Quote

File 2.exe received on 04.01.2009 12:29:52 (CET)
Current status: finished
Result: 13/40 (32.50%)
Virus Total

All of em:
hxxp://rapidshare.com/files/216094029/Hack_Trojans.zip.html

#17
Raid
Posted 01 April 2009 - 12:33 PM

    Malware Researcher

  • Experts
  • PipPipPipPipPipPip
  • 1,549 posts
  • Gender:Male
  • Location:United States
thanks. !

#18
Jaxryley
Posted 02 April 2009 - 02:42 AM

    Forum Deity

  • Malware Hunters
  • PipPipPipPipPipPip
  • 6,718 posts
  • Gender:Male
  • Location:West Aussie
  • Interests:Gardening and computers.
Not Detected:
hxxp://u4.ggoovv.com/gb/B5.exe
hxxp://u4.ggoovv.com/gb/B6.exe
hxxp://u4.ggoovv.com/gb/B3.exe
hxxp://u4.ggoovv.com/gb/B4.exe
hxxp://u4.ggoovv.com/gb/B7.exe
hxxp://u9.ggoovv.com/cj/a1.exe
hxxp://u2.ggoovv.com/gz/G3.exe
hxxp://u2.ggoovv.com/gz/G5.exe
hxxp://u2.ggoovv.com/gz/G39.exe
hxxp://u2.ggoovv.com/gz/G36.exe
hxxp://u2.ggoovv.com/gz/G37.exe
hxxp://u2.ggoovv.com/gz/G33.exe
hxxp://u9.ggoovv.com/cj/q1.exe
hxxp://u9.ggoovv.com/cj/q2.exe
hxxp://u9.ggoovv.com/cj/csj.exe

All of em:
hxxp://rapidshare.com/files/216449051/ggoovv_trojans.zip.html

#19
Jaxryley
Posted 02 April 2009 - 05:48 AM

    Forum Deity

  • Malware Hunters
  • PipPipPipPipPipPip
  • 6,718 posts
  • Gender:Male
  • Location:West Aussie
  • Interests:Gardening and computers.
Not hit.
hxxp://h.wuc8.com/dd/3.exe
hxxp://h.wuc8.com/dd/4.exe
hxxp://h.wuc8.com/dd/6.exe
hxxp://h.wuc8.com/dd/8.exe
hxxp://h.wuc8.com/dd/10.exe

All of em:
hxxp://rapidshare.com/files/216497923/wuc8_com.zip.html

#20
miabellezza
Posted 02 April 2009 - 07:27 AM

    New Member

  • Members
  • Pip
  • 1 posts
Bought full version April 1st and updated Malwarebytes this morning prior to going on internet and got hit with Trojan.BHO:

Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{08165ea0-e946-11cf-9c87-00aa005127ed} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7d559c10-9fe9-11d0-93f7-00aa0059ce02} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7fc0b86e-5fa7-11d1-bc7c-00c04fd929db} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{abbe31d0-6dae-11d0-beca-00c04fd940be} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{f5175861-2688-11d0-9c5e-00aa00a45957} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d8bd2030-6fc9-11d0-864f-00aa006809d9} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e3a8bde6-abce-11d0-bc4b-00c04fd929db} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e6cc6978-6b6e-11d0-beca-00c04fd940be} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e8bb6dc0-6b4e-11d0-92db-00a0c90c2bd7} (Trojan.BHO) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{08165ea0-e946-11cf-9c87-00aa005127ed} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7d559c10-9fe9-11d0-93f7-00aa0059ce02} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7fc0b86e-5fa7-11d1-bc7c-00c04fd929db} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{abbe31d0-6dae-11d0-beca-00c04fd940be} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{f5175861-2688-11d0-9c5e-00aa00a45957} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{d8bd2030-6fc9-11d0-864f-00aa006809d9} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{e3a8bde6-abce-11d0-bc4b-00c04fd929db} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{e6cc6978-6b6e-11d0-beca-00c04fd940be} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{e8bb6dc0-6b4e-11d0-92db-00a0c90c2bd7} (Trojan.BHO) -> Quarantined and deleted successfully.
Back to Newest Rogue Threats · Next Unread Topic →


1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users

  1. Malwarebytes Forum
  2. Research Center
  3. Newest Rogue Threats

Products

About

Partners

Follow Us