NEW POTENTIALLY RISKWARE & PHISHING DETECTED: Not-a-virus:PSWTool.Win32.Agent.vx from securityxploded.com (WindowsDriveHider - Passwordstealer)

NEW POTENTIALLY RISKWARE DETECTED:
Windows Drive Hider - Passwordstealer

not-a-virus:PSWTool.Win32.Agent.vx

http://securityxploded.com/download-file.php?id=1011

• https://www.virustotal.com/de/url/f20fbbaa6dc5d1c58e9824b445cf35f506512dc5e1ed7ebbe8eea41ed498780c/analysis/1397069288/

http://securityxploded.com/getfile_plus.php?id=1011

• https://www.virustotal.com/de/url/dca829bc0b33249a056eb8b6489e84e90e1b5fb8a40f608992141254658f2f6b/analysis/1397069330/

(WindowsDriveHider.zip) PSWTool.Win32.Agent.vx

• https://www.virustotal.com/de/file/0ca33d4ebaef889b5b35e1f55dd4bb245930b4846bb125fd2755fb65369269ba/analysis/1397069354/

(SetupWindowsDriveHider.exe) PSWTool.Win32.Agent.vx

• https://www.virustotal.com/de/file/ca65cde81006fda4c3f90ca0f2b8fbe0c5f8d5f06052f652ff33e68d07f06a07/analysis/1397069576/

(WindowsDriveHider.exe) PSWTool.Win32.Agent.vx

• https://www.virustotal.com/de/file/df7d22e0a4bc4f2674c8be7ba8b7b9c415851dc120dd421508d8a3191f473177/analysis/1397069541/

WEPAWET: Suspicious

• http://wepawet.iseclab.org/view.php?hash=75ae03c5152f116b12977a062e146979&t=1397069846&type=js

• http://zulu.zscaler.com/submission/show/22a63c3e6ed00b1be52a58ba2d0a8d70-1397069633

IP:

http://64.150.191.172/

• https://www.virustotal.com/de/url/774ec0fe019369938cf734a511ae4334b74f31e5c0202710934e0997df8a6e7f/analysis/

SUPPLEMENTARY OTHER LINK FOUND ON PAGE (PUA.PHISHING.BANK):

http://nagareshwar.securityxploded.com/2013/09/16/seh-exploitation-to-get-shell-access/index.html

• https://www.virustotal.com/de/url/b8e3193f581b32f9c3ef4af6c58ae4a94d0783162f8cf49774d3111d3e1581a7/analysis/1397070689/

HTML-PUA.PHISHING.BANK

• https://www.virustotal.com/de/file/c8e6a6d9ef6c9178db84fc7614f2d168856d36e44c78f5b68284f5874e8b7176/analysis/1397070794/

• http://virusscan.jotti.org/de/scanresult/d50831e4520e9bd7863cd71fabe24462a193fe6e