Author Topic: Another virus "going around" on Yahoo Mess  (Read 1530 times)

Offline Alexx

« on: May 14, 2010, 07:30:20 PM »
If you were missing the old virus, then sigh no more ... a new version is circulating on Messenger again, sending the following message:

Code:
foto.. http: //tinyurl.com/image-viewer-facebook-GIF

Of course, do not click.

And some information about the antivirus programs that detect it, taken from virustotal.com:
Code:
Antivirus Versiune Ultima actualizare Rezultat
a-squared 4.5.0.50 2010.05.10 Backdoor.Win32.IRCBot!IK
AhnLab-V3 2010.05.14.01 2010.05.14 -
AntiVir 8.2.1.242 2010.05.14 -
Antiy-AVL 2.0.3.7 2010.05.14 -
Authentium 5.2.0.5 2010.05.14 -
Avast 4.8.1351.0 2010.05.13 -
Avast5 5.0.332.0 2010.05.13 -
AVG 9.0.0.787 2010.05.14 -
BitDefender 7.2 2010.05.14 -
CAT-QuickHeal 10.00 2010.05.14 -
ClamAV 0.96.0.3-git 2010.05.14 -
Comodo 4837 2010.05.14 P2PWorm.Win32.Palevo.GZA
DrWeb 5.0.2.03300 2010.05.14 -
eSafe 7.0.17.0 2010.05.13 -
eTrust-Vet 35.2.7488 2010.05.14 -
F-Prot 4.5.1.85 2010.05.14 -
F-Secure 9.0.15370.0 2010.05.14 -
Fortinet 4.1.133.0 2010.05.14 -
GData 21 2010.05.14 -
Ikarus T3.1.1.84.0 2010.05.14 Backdoor.Win32.IRCBot
Jiangmin 13.0.900 2010.05.14 -
Kaspersky 7.0.0.125 2010.05.14 -
McAfee 5.400.0.1158 2010.05.14 -
McAfee-GW-Edition 2010.1 2010.05.14 -
Microsoft 1.5703 2010.05.14 VirTool:Win32/CeeInject.gen!CW
NOD32 5115 2010.05.14 -
Norman 6.04.12 2010.05.14 -
nProtect 2010-05-14.01 2010.05.14 -
Panda 10.0.2.7 2010.05.14 -
PCTools 7.0.3.5 2010.05.14 -
Prevx 3.0 2010.05.14 -
Rising 22.47.04.03 2010.05.14 -
Sophos 4.53.0 2010.05.14 -
Sunbelt 6302 2010.05.14 -
Symantec 20101.1.0.89 2010.05.14 -
TheHacker 6.5.2.0.280 2010.05.14 -
TrendMicro 9.120.0.1004 2010.05.14 -
TrendMicro-HouseCall 9.120.0.1004 2010.05.14 -
VBA32 3.12.12.5 2010.05.14 SScope.Trojan.YM.0379
ViRobot 2010.5.14.2316 2010.05.14 -
VirusBuster 5.0.27.0 2010.05.14 -
Informații suplimentare
File size: 65065 bytes
MD5...: 0be0ae45b2121ebf8ba2a679a722a099
SHA1..: f758827aa470e12d68240a5559c98611c038281c
SHA256: a70705361c49d8c468471a1281bbedf419007ef1c1b6bab022808b51231ecd6a
ssdeep: 1536:A1pDZT93mPzXkKO1NnT6MjDoDTjGFLpjn9:A11ZTtm70KO1lT1oGFLR9
 
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x1240
timedatestamp.....: 0x4bed29e9 (Fri May 14 10:46:01 2010)
machinetype.......: 0x14c (I386)

( 6 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x3598 0x3600 5.75 36e1ad167c1b83d1f5377580d76ebc7a
.data 0x5000 0x3a0 0x400 0.36 fcbffb9a54f25d992434068ea95472b5
.rdata 0x6000 0x1060 0x1200 4.29 65c3befe85049fd814967eb1608b118a
.bss 0x8000 0x2c50 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.idata 0xb000 0x378 0x400 3.83 ec4706dd350707ccba2f5e3919312685
.rsrc 0xc000 0x968 0xa00 5.26 da5a11272d376ec73565538e48965c92

( 2 imports )
> KERNEL32.dll: AddAtomA, ExitProcess, FindAtomA, GetAtomNameA, GetCommandLineA, GetModuleHandleA, GetProcAddress, GetStartupInfoA, LoadLibraryA, SetUnhandledExceptionFilter
> msvcrt.dll: __getmainargs, __p__environ, __p__fmode, __set_app_type, _cexit, _iob, _onexit, _setmode, abort, atexit, calloc, fflush, fprintf, free, malloc, memcpy, memset, signal, strstr

( 0 exports )
 
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Win32 Executable Generic (38.3%)
Win32 Dynamic Link Library (generic) (34.1%)
Win16/32 Executable Delphi generic (9.3%)
Generic Win/DOS Executable (9.0%)
DOS Executable Generic (9.0%)
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
 

http://www.virustotal.com/ro/analisis/a70705361c49d8c468471a1281bbedf419007ef1c1b6bab022808b51231ecd6a-1273846979