CastleCops, Internet Crime Fighters
Need help? Click here to register for free! Absolutely zero advertisements on this site!

Donation/Premium
spacer
Donations. Become Premium Today! Premium Icon
block bottom
Security Central
spacer
· Home
· PIRT/Fried Phish
· MIRT
· SIRT
· Deutsch
· Wiki
· Newsletter
· O16/ActiveX
· CLSID List
· Contest2007
· Downloads
· Feedback (send)
· Forums
· HijackThis
· Hijacktrend
· LSPs
· My Downloads
· O18
· O20
· O21
· O22
· O23
· O9
· Premium
· Private Messages
· Proxomitron
· Reviews
· Search
· StartupList
· Stories Archive
· Submit News
· WsIRT
· Your Account
· Acceptable Use Policy
block bottom
spacer spacer
 Forum FAQForum FAQ   SearchSearch   UsergroupsUsergroups   ProfileProfile   Login to check your private messagesLogin to check your private messages   LoginLogin   Your Favorite ForumsSelect FavForums 

MD5: 9eb637d82f940a4986832ce5ac85614b prg.exe(ntos inst)

 
Post new topic   Reply to topic       All -> FavForums -> Malware Listserv [del.icio.us!] [digg it!] [reddit!]
View previous topic :: View next topic  
Author Message
fatdcuk

MIRT Hunter
Premium Member

Joined: Oct 31, 2006
Posts: 2986
Location: Uk
MIRT Premium

PostPosted: Sat Nov 18, 2006 5:52 pm    Post subject: MD5: 9eb637d82f940a4986832ce5ac85614b prg.exe(ntos inst)
Reply with quote

This is the executable feature in the following PDF produced by Secure Science Corp and Michael Ligh.
http://www.securescience.net/securescienceblog/malwarecasestudy.html

STATUS: FINISHEDComplete scanning result of "prg.exe", received in VirusTotal at 11.18.2006, 18:40:01 (CET).

Antivirus Version Update Result
AntiVir 7.2.0.39 11.17.2006 BDS/Small.LU.4
Authentium 4.93.8 11.17.2006 W32/Backdoor.QQB
Avast 4.7.892.0 11.15.2006 no virus found
AVG 386 11.18.2006 BackDoor.Generic3.OWM
BitDefender 7.2 11.18.2006 Generic.Malware.Sdldg.4661D89E
CAT-QuickHeal 8.00 11.18.2006 no virus found
ClamAV devel-20060426 11.18.2006 no virus found
DrWeb 4.33 11.18.2006 Trojan.Dav
eSafe 7.0.14.0 11.16.2006 suspicious Trojan/Worm
eTrust-InoculateIT 23.73.59 11.18.2006 no virus found
eTrust-Vet 30.3.3197 11.17.2006 no virus found
Ewido 4.0 11.18.2006 Backdoor.Small.lu
Fortinet 2.82.0.0 11.18.2006 W32/Small.LU!tr.bdr
F-Prot 3.16f 11.17.2006 security risk named W32/Backdoor.QQB
F-Prot4 4.2.1.29 11.17.2006 W32/Backdoor.QQB
Ikarus 0.2.65.0 11.17.2006 no virus found
Kaspersky 4.0.2.24 11.18.2006 Backdoor.Win32.Small.lu
McAfee 4899 11.18.2006 no virus found
Microsoft 1.1609 11.18.2006 no virus found
NOD32v2 1870 11.17.2006 no virus found
Norman 5.80.02 11.17.2006 W32/Smalldoor.JGM
Panda 9.0.0.4 11.18.2006 no virus found
Prevx1 V2 11.18.2006 no virus found
Sophos 4.11.0 11.16.2006 Mal/Behav-010
TheHacker 6.0.3.122 11.18.2006 Backdoor/Small.lu
UNA 1.83 11.17.2006 Backdoor.Small.4
VBA32 3.11.1 11.18.2006 Trojan.Dav
VirusBuster 4.3.15:9 11.18.2006 no virus found


Aditional Information
File size: 13824 bytes
MD5: 9eb637d82f940a4986832ce5ac85614b
SHA1: 9dbcd5033220fd8fd9b38d31c5cd81ed1c73d20f
packers: UPX


_________________
Malware hunter....Got Bot ?
http://www.castlecops.com/f269-Malware_Listserv.html
Back to top
View users profile Send private message Visit posters website
Display posts from previous:   
Post new topic   Reply to topic       All -> FavForums -> Malware Listserv All times are GMT
Page 1 of 1

 
Quick Reply:
Username: 

Quote the last message
Attach signature (signatures can be changed in profile)
 
You can post new topics in this forum
You can reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You cannot download files in this forum


Powered by phpBB © 2001 phpBB Group
2002-2008 © Computer Cops LLC dba CastleCops®. All rights reserved.
Acceptable Use Policy. Use signifies your agreement.
133ppm 0.168s (0.034s)
Making cybercriminals unhappy since 2002*
In Memory of Trpm
spacer spacer