
1/18/2014

Category SUSPICIOUS DOWNLOADS: www.bpsoft.com
(POSSIBLE WORM) Worm/Win32.Kolab.gen


DOMAIN:
www.bpsoft.com
  • https://www.virustotal.com/de/url/44f2fac9cdb934660ebb0255217d5f82bf5af6f0411e966c08aa999ec654772c/analysis/1390047433/
SPECIFIC LINK:
www.bpsoft.com/downloads/hw32v510.exe
  • https://www.virustotal.com/de/url/cc69c82b8cd243226587d6b6e41eb9df8be8f0e9a86f7023bcaef57d1e0271bf/analysis/1390047028/
POSSIBLE WORM (Worm/Win32.Kolab.gen):

  • https://www.virustotal.com/de/file/cba01d0a556adff4610d88d6b36808efdecd364bd7d163c860de0bed6bfbedd2/analysis/1389536989/
FILE(S) FOR ANALYSIS CAN BE FOUND HERE:

  • http://jsunpack.jeek.org/?report=5a8fb879b70ec058c709b10ea68fdfb44658726c
4 OUT OF 6 CERTIFICATES ARE OUT OF VALIDATION

WEPAWET SUSPICIOUS:
  • http://wepawet.iseclab.org/view.php?hash=10b0fc9f8bd406c2f9e1dfbd669a4d51&t=1390047033&type=js
Performs File Modification and Destruction: The executable modifies and destroys files that are not temporary.
  • http://anubis.iseclab.org/?action=result&task_id=1847fa214365660a4056391b5178d3b67&format=html



