Trojan Undetected By Bitdefender
Attached zip file; encrypted with password: infected
===========================
VirusTotal report:
http://www.virustotal.com/analisis/5b2f9e9...c6ef81941322a69
===========================
AntiVir==TR/Spy.Gen
AVG==Dialer.SDE
DrWeb==BackDoor.Goth.origin
F-Secure==Trojan.Win32.Dialer.axq
Fortinet==W32/Heuri.AXQ!tr
Ikarus==Virus.Trojan.Win32.Dialer.axq
Kaspersky==Trojan.Win32.Dialer.axq
McAfee==Generic BackDoor.t
Rising==Trojan.Win32.Undef.fre
VBA32==Trojan.Win32.Dialer.axq
VirusBuster==Dialer.Gh0st.Gen
Webwasher-Gateway==Trojan.Spy.Gen
File size: 119808 bytes
MD5...: f0d8488d447c2ab9a9541c8efd047f52
SHA1..: f269e89951df8b764977b3dfeedade5dbb93fe23
SHA256: 4e079bb8c0efb24a46a8ce601ab508b24191f26beda9f6a8da0de1ad7f29c936
SHA512: d7a343fec171342d4a8c53b451f0fe98dedb5a6547d7ce192d3ad591cbfdede72c1633ff673e90eaa85367730d7c4908db9eba655c363c917be5acc2c3823d96
PEiD..: Armadillo v1.71
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x4021f0
timedatestamp.....: 0x4804ca9e (Tue Apr 15 15:32:46 2008)
machinetype.......: 0x14c (I386)
( 4 sections )
name    viradd  virsiz   rawdsiz  ntrpy  md5
.text   0x1000  0x501a   0x5200   6.52   39c97c60e8bf399e28e080495939d2f6
.rdata  0x7000  0xdee    0xe00    5.23   a4596ed46664a8df38cf3838c6c2e2d7
.data   0x8000  0x2cdc   0x2800   1.02   da7a87196c33c5f73716b8139347dc41
.rsrc   0xb000  0x14660  0x14800  6.13   9eb1c4f9f0091db9dfecfc657db08185
( 3 imports )
> KERNEL32.dll: FindResourceA, lstrcatA, GetTempPathA, ExitProcess, lstrcpyA, lstrlenA, lstrcmpiA, SetLastError, GetLastError, GetFileAttributesA, GetSystemDirectoryA, FreeLibrary, LoadResource, LoadLibraryA, GetModuleFileNameA, SetUnhandledExceptionFilter, ReleaseMutex, CreateMutexA, GetCommandLineA, CopyFileA, OutputDebugStringA, GetStringTypeA, LCMapStringW, CreateFileA, SystemTimeToFileTime, LocalFileTimeToFileTime, SetFileTime, SizeofResource, WriteFile, DeleteFileA, CloseHandle, MoveFileA, SetFileAttributesA, GetProcAddress, RtlUnwind, RaiseException, GetModuleHandleA, GetStartupInfoA, GetVersion, HeapAlloc, HeapFree, TerminateProcess, GetCurrentProcess, UnhandledExceptionFilter, FreeEnvironmentStringsA, FreeEnvironmentStringsW, WideCharToMultiByte, GetEnvironmentStrings, GetEnvironmentStringsW, SetHandleCount, GetStdHandle, GetFileType, GetEnvironmentVariableA, GetVersionExA, HeapDestroy, HeapCreate, VirtualFree, VirtualAlloc, HeapReAlloc, IsBadWritePtr, IsBadReadPtr, IsBadCodePtr, GetCPInfo, GetACP, GetOEMCP, MultiByteToWideChar, LCMapStringA, GetStringTypeW
> USER32.dll: wsprintfA
> ADVAPI32.dll: CreateServiceA, OpenServiceA, StartServiceA, OpenSCManagerA, CloseServiceHandle, RegCreateKeyA, RegOpenKeyExA, RegQueryValueExA, RegCloseKey, RegSetValueExA
( 0 exports )
Attachment: server.zip