| View previous topic :: View next topic |
| Author |
Message |
Mrhero
Trooper
Joined: Feb 26, 2007
Posts: 12
Location: Turkey
|
 Posted: Sat Jan 12, 2008 9:55 pm Post subject: MSN Messenger trojan |
|
|
Hi this a virus which spreads from MSN Messenger, If you chat with an infected machine it sends this message :
"bu fotograftaki senmisin" is turkish and it means " Is that you at this photo". And mrher***@hotmail.com is my msn adress.
|
|
| Back to top |
|
 |
tacktick
MIRT Hunter
Premium Member
Joined: May 19, 2007
Posts: 624
Location: USA
|
| Posted: Sun Jan 13, 2008 6:18 pm Post subject: |
|
|
That link isnt valid anymore.
I did some net searching and cant find a valid link serving this malware so I cant check it out.
But let us know if you have anything else.
_________________
Analyzing, reporting and removing Malware. Fight the Scourge!
|
|
| Back to top |
|
|
Mrhero
Trooper
Joined: Feb 26, 2007
Posts: 12
Location: Turkey
|
|
| Back to top |
|
|
tacktick
MIRT Hunter
Premium Member
Joined: May 19, 2007
Posts: 624
Location: USA
|
| Posted: Sun Jan 13, 2008 11:29 pm Post subject: |
|
|
Thank you, I got a copy of the malware.
It has been put on the listserv.
 /postitle212791-0-0-.html
| Code: |
File naked391.com received on 01.13.2008 23:59:45 (CET)
Antivirus Version Last Update Result
AhnLab-V3 2008.1.12.10 2008.01.11 -
AntiVir 7.6.0.46 2008.01.13 -
Authentium 4.93.8 2008.01.13 -
Avast 4.7.1098.0 2008.01.13 -
AVG 7.5.0.516 2008.01.13 BackDoor.Ircbot.CSW
BitDefender 7.2 2008.01.13 -
CAT-QuickHeal 9.00 2008.01.12 -
ClamAV 0.91.2 2008.01.13 -
DrWeb 4.44.0.09170 2008.01.13 -
eSafe 7.0.15.0 2008.01.13 suspicious Trojan/Worm
eTrust-Vet 31.3.5451 2008.01.11 -
Ewido 4.0 2008.01.13 -
FileAdvisor 1 2008.01.14 -
Fortinet 3.14.0.0 2008.01.13 -
F-Prot 4.4.2.54 2008.01.13 -
F-Secure 6.70.13030.0 2008.01.13 Trojan.Win32.Agent.dwd
Ikarus T3.1.1.20 2008.01.13 -
Kaspersky 7.0.0.125 2008.01.13 Trojan.Win32.Agent.dwd
McAfee 5205 2008.01.11 -
Microsoft 1.3109 2008.01.13 Backdoor:Win32/IRCbot.gen!F
NOD32v2 2788 2008.01.13 a variant of Win32/IRCBot.AAL
Norman 5.80.02 2008.01.11 -
Panda 9.0.0.4 2008.01.13 -
Prevx1 V2 2008.01.14 Backdoor.IRCBot.gen
Rising 20.26.62.00 2008.01.13 -
Sophos 4.24.0 2008.01.13 -
Sunbelt 2.2.907.0 2008.01.12 -
Symantec 10 2008.01.13 -
TheHacker 6.2.9.187 2008.01.13 Trojan/Agent.dwd
VBA32 3.12.2.5 2008.01.13 -
VirusBuster 4.3.26:9 2008.01.13 -
Webwasher-Gateway 6.6.2 2008.01.13 -
Additional information
File size: 29184 bytes
MD5: 74eb7339b3dcb5cf7872c3bbd9cf3848
SHA1: 9bf1788775e8976c8c10c721c0eea744594f23a6
PEiD: -
packers: UPX
packers: PE_Patch.UPX, UPX
|
_________________
Analyzing, reporting and removing Malware. Fight the Scourge!
|
|
| Back to top |
|
|
|
|
Forum FAQ
Search
Usergroups
Profile
Login to check your private messages
Login
