CastleCops, Internet Crime Fighters

Eldorado and others

 
swatkat

Security Expert


Joined: Mar 04, 2005
Posts: 2039


Posted: Tue Feb 05, 2008 5:51 pm    Post subject: Eldorado and others

A few poorly detected samples...

Quote:
File 51436.exe

Antivirus Version Last Update Result
AhnLab-V3 2008.2.6.10 2008.02.05 -
AntiVir 7.6.0.62 2008.02.05 -
Authentium 4.93.8 2008.02.05 -
Avast 4.7.1098.0 2008.02.04 -
AVG 7.5.0.516 2008.02.05 -
BitDefender 7.2 2008.02.05 -
CAT-QuickHeal 9.00 2008.02.04 -
ClamAV 0.92 2008.02.05 -
DrWeb 4.44.0.09170 2008.02.05 -
eSafe 7.0.15.0 2008.01.28 suspicious Trojan/Worm
eTrust-Vet 31.3.5512 2008.02.05 -
Ewido 4.0 2008.02.05 -
FileAdvisor 1 2008.02.05 -
Fortinet 3.14.0.0 2008.02.05 -
F-Prot 4.4.2.54 2008.02.04 W32/Downloader.F.gen!Eldorado
F-Secure 6.70.13260.0 2008.02.05 -
Ikarus T3.1.1.20 2008.02.05 -
Kaspersky 7.0.0.125 2008.02.05 -
McAfee 5222 2008.02.04 -
Microsoft 1.3204 2008.02.05 -
NOD32v2 2850 2008.02.05 -
Norman 5.80.02 2008.02.05 -
Panda 9.0.0.4 2008.02.04 -
Prevx1 V2 2008.02.05 -
Rising 20.29.22.00 2008.01.30 -
Sophos 4.26.0 2008.02.05 Sus/Dropper-A
Sunbelt 2.2.907.0 2008.02.05 -
Symantec 10 2008.02.05 -
TheHacker 6.2.9.209 2008.02.05 -
VBA32 3.12.6.0 2008.02.05 -
VirusBuster 4.3.26:9 2008.02.05 -
Webwasher-Gateway 6.6.2 2008.02.05 -
Additional information
File size: 39424 bytes
MD5: 67e54c46e7902363e391def34b15d81f
SHA1: cc87b844261ca297374383eb39bbe5eb6bfa179b
PEiD: UPX 2.93 - 3.00 [LZMA] -> Markus Oberhumer, Laszlo Molnar & John Reiser
packers: UPX_LZMA


Quote:
File Dll.dll

Antivirus Version Last Update Result
AhnLab-V3 2008.2.6.10 2008.02.05 -
AntiVir 7.6.0.62 2008.02.05 -
Authentium 4.93.8 2008.02.05 -
Avast 4.7.1098.0 2008.02.04 -
AVG 7.5.0.516 2008.02.05 -
BitDefender 7.2 2008.02.05 -
CAT-QuickHeal 9.00 2008.02.04 -
ClamAV 0.92 2008.02.05 -
DrWeb 4.44.0.09170 2008.02.05 -
eSafe 7.0.15.0 2008.01.28 -
eTrust-Vet 31.3.5512 2008.02.05 -
Ewido 4.0 2008.02.05 -
FileAdvisor 1 2008.02.05 -
Fortinet 3.14.0.0 2008.02.05 -
F-Prot 4.4.2.54 2008.02.04 -
F-Secure 6.70.13260.0 2008.02.05 -
Ikarus T3.1.1.20 2008.02.05 -
Kaspersky 7.0.0.125 2008.02.05 -
McAfee 5222 2008.02.04 -
Microsoft 1.3204 2008.02.05 -
NOD32v2 2850 2008.02.05 -
Norman 5.80.02 2008.02.05 -
Panda 9.0.0.4 2008.02.04 Suspicious file
Prevx1 V2 2008.02.05 -
Rising 20.29.22.00 2008.01.30 -
Sophos 4.26.0 2008.02.05 -
Sunbelt 2.2.907.0 2008.02.05 -
Symantec 10 2008.02.05 -
TheHacker 6.2.9.209 2008.02.05 -
VBA32 3.12.6.0 2008.02.05 -
VirusBuster 4.3.26:9 2008.02.05 -
Webwasher-Gateway 6.6.2 2008.02.05 -
Additional information
File size: 13824 bytes
MD5: e96c8d4b636c7caf08d22678c1e7003a
SHA1: bf5c87d7290c6ce475f9e97450cb83fc996e2abd
PEiD: -


Quote:
File kcopt.dll

Antivirus Version Last Update Result
AhnLab-V3 2008.2.6.10 2008.02.05 -
AntiVir 7.6.0.62 2008.02.05 -
Authentium 4.93.8 2008.02.05 -
Avast 4.7.1098.0 2008.02.04 -
AVG 7.5.0.516 2008.02.05 -
BitDefender 7.2 2008.02.05 -
CAT-QuickHeal 9.00 2008.02.04 -
ClamAV 0.92 2008.02.05 -
DrWeb 4.44.0.09170 2008.02.05 -
eSafe 7.0.15.0 2008.01.28 -
eTrust-Vet 31.3.5512 2008.02.05 -
Ewido 4.0 2008.02.05 -
FileAdvisor 1 2008.02.05 -
Fortinet 3.14.0.0 2008.02.05 -
F-Prot 4.4.2.54 2008.02.04 -
F-Secure 6.70.13260.0 2008.02.05 -
Ikarus T3.1.1.20 2008.02.05 -
Kaspersky 7.0.0.125 2008.02.05 -
McAfee 5222 2008.02.04 -
Microsoft 1.3204 2008.02.05 -
NOD32v2 2850 2008.02.05 -
Norman 5.80.02 2008.02.05 -
Panda 9.0.0.4 2008.02.04 -
Prevx1 V2 2008.02.05 -
Rising 20.29.22.00 2008.01.30 -
Sophos 4.26.0 2008.02.05 -
Sunbelt 2.2.907.0 2008.02.05 -
Symantec 10 2008.02.05 -
TheHacker 6.2.9.209 2008.02.05 -
VBA32 3.12.6.0 2008.02.05 -
VirusBuster 4.3.26:9 2008.02.05 -
Webwasher-Gateway 6.6.2 2008.02.05 -
Additional information
File size: 25311 bytes
MD5: 4490bb8b6f97e0b0e5deca9b8da485d6
SHA1: 4f832d66a223f3da065282cb6b8610e03717f5ac
PEiD: -


_________________
Only two things are infinite, the universe and human stupidity, and I'm not sure about the former.
- Albert Einstein
tetak

MIRT Team Lead
Premium Member

Joined: Jan 19, 2007
Posts: 5879


Posted: Tue Feb 05, 2008 8:55 pm

51436.exe - Trojan-Downloader.Win32.Agent.ipn (Kaspersky)

kcopt.dll - Corrupted

Dll.dll - Trojan.Win32.Agent.exl (Kaspersky)


I'll add 51436.exe and Dll.dll to the malware listserv.


_________________
Got Windows XP? Help protect your PC from malware with Microsoft's anti-spyware program Windows Defender.

Download it for free from http://www.microsoft.com/athome/security/spyware/software/default.mspx