
Malwarebytes

Yahoo Messenger Status generator.exe



#1
JoleFindsTheRogues

    Advanced Member

  • Malware Hunters
  • 213 posts
  • Gender:Male
  • Location:Velika Plana, Serbia.
 Advanced Rogue Poster 1.0 - by JoleFindsTheRogues . - MalwareBytes.org

Quote

Testing Started...


Stage 1 : Sandbox Normal Test
!!! Anti-Sandbox Possibly Detected !!!
Files Created : None
Processes Started : Yahoo Messenger Status generator.exe

Stage 2 : ThreatExpert Scan
http://www.threatexpert.com/report.aspx?md5=85a308c9722813d6cc396015e86fbf21


Stage 3 : VirusTotal Scan
http://www.virustotal.com/analisis/1cf05ceb71308fa5254733f8b57eb3e7f9e94fe522819c6ca5f96ae0caa0ca03-1250941004



Testing Done...
Download Link :
http://rapidshare.com/files/270164434/Yahoo_Messenger_Status_generator.rar


#2
JoleFindsTheRogues

    Advanced Member

  • Malware Hunters
  • 213 posts
  • Gender:Male
  • Location:Velika Plana, Serbia.
Hashes :


#3
Fatdcuk

    Malware BBQ'er

  • Moderators
  • 16,156 posts
  • Gender:Male
  • Location:127.0.0.1
Many thanks Jole,

Will look at the file shortly :lol:

ps no sandbox or VM used on my testbox..too many malwares not playing ball if they detect certain variables on the host system <_<
Ade Gill
Research Engineer
