MALWARE DOWNLOADS PERFORMED BY THE UPATRE DOWNLOADERS WE HAVE BEEN RECEIVING IN MALICIOUS E-MAILS

msc hotline sat
Monday, August 31, 2015

We have already been reporting on several downloaders of the UPATRE family that arrive attached to mass-mailed malicious e-mails, and which we detect starting with today's ELISTARA 32.84.

Below are the VirusTotal pre-analysis reports for the files downloaded by the most recent ones we have received, which we now detect:

VIRUSTOTAL PRE-ANALYSIS OF THE DOWNLOADED FILE "camwugo.exe"

MD5 e2abe9188b0e601aab5819c52011e198
SHA1 fe0cf71d3fbbd55037ea1ff263a91fbc2d0db7d1
File size 450.5 KB ( 461312 bytes )
SHA256: 310c7bcd13be69ad37d02eca5aef238784bf1eb05b94a2a4c7ff3da06d02f54f
File name: camwugo.exe
Detection ratio: 43 / 56
Analysis date: 2015-08-31 06:42:56 UTC

VIRUSTOTAL PRE-ANALYSIS OF THE DOWNLOADED FILE "noztegip.exe"

MD5 de3050772aba6d1f6d23ec9946da0949
SHA1 36355dd08b418508243cfd7d795119ff151492d9
File size 410.5 KB ( 420352 bytes )
SHA256: 736baf53246347f6f46a83ab50d8422e2f778161ea5e073310c6bcb392bd58e5
File name: noztegip.exe
Detection ratio: 38 / 56
Analysis date: 2015-08-31 08:45:15 UTC

VIRUSTOTAL PRE-ANALYSIS OF THE DOWNLOADED FILE "milvejute.exe"

MD5 20b3a91a5f3a14070cf0472a2a9858e6
SHA1 8dd147bd2aa8058aff95611e682a44eb15e9e038
File size 545.5 KB ( 558592 bytes )
SHA256: cbeaff44a37dcd3274a7ccc4ca099cdfb41e8fe0fc278c20813a668b0a4e345c
File name: milvejute.exe
Detection ratio: 35 / 57
Analysis date: 2015-08-31 08:50:55 UTC

VIRUSTOTAL PRE-ANALYSIS OF THE DOWNLOADED FILE "WRCyARjAPFiWKWk.exe"

MD5 41c36735aa2f0d818dc46491ba845e63
SHA1 711b6cd7cf12a10ef452294058ec891beb5c884b
File size 483.0 KB ( 494592 bytes )
SHA256: 970858f16d3d44d1e54ec147533ee855faa61b7a3b3a37c3eb14141a399b8a70
File name: WRCyARjAPFiWKWk.exe
Detection ratio: 35 / 57
Analysis date: 2015-08-31 08:55:22 UTC

ELISTARA version 32.84, which detects and removes them, will be available on our website from 15:00 CEST today.

Regards,

ms, 31-8-2015