Home > Others

[09-06] Another Trojan download website (version 2nd)

Source: Internet
Author: User
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >

EndurerOriginal
2006-09-062Version
2006-09-02 No.1Version

The website hxxp: // www.94l **** m.com/homepage opens the webpage based on the cookie value:
/------------
Hxxp: // www. Dudu ** {com/web/dudu?###13.htm
------------/
Or
/------------
Hxxp: // www. Dud ** uw.com/web/dudu??#=12.htm
------------/

Dudu ***** 13.htm and Dudu ***** have encrypted VBScript code in 12.htm. XMLHTTP and scripting. fileSystemObject downloads hxxp: // qidong.virussky.com/qidong.exe, saves it as an85.com in the temporary ie folder, and uses shell. the ShellExecute method of the Application object to run.

File: Qidong.exe
Status: Infected/malware
MD5 F932ee7f241695d5ee6527a231795468
Packers detected: UPX
Scanner results
AntiVir FoundHeuristic/malware (probable variant)
Arcavir Found nothing
Avast Found nothing
AVG AntiVirus Found nothing
BitDefender FoundGeneric. malware. Be! G.66e35076
ClamAV Found nothing
Dr. Web FoundTrojan. Update
F-Prot AntiVirus Found nothing
Fortinet Found nothing
Kaspersky Anti-Virus FoundTrojan-Downloader.Win32.Agent.aqr
NOD32 Found probably unknownNewheur_pe(Probable variant)
Norman Virus Control Found nothing
Una Found nothing
Virusbuster Found nothing
Vba32 Found nothing

 

Antivirus Version Update Result
AntiVir 7.1.1.11 09.06.2006 TR/dldr. Agent. aqr.15
Authentium 4.93.8 09.06.2006 No virus found
Avast 4.7.844.0 09.06.2006 No virus found
AVG 386 09.06.2006 Downloader. Agent. fgl
BitDefender 7.2 09.06.2006 Generic. malware. Be! G.66e35076
Cat-quickheal 8.00 09.05.2006 No virus found
ClamAV Devel-20060426 09.06.2006 No virus found
Drweb 4.33 09.06.2006 Trojan. Update
ETrust-inoculateit 23.72.117 09.05.2006 No virus found
ETrust-vet 30.3.3064 09.06.2006 No virus found
Ewido 4.0 09.05.2006 Downloader. Agent. aqr
Fortinet 2.77.0.0 09.06.2006 No virus found
F-Prot 3.16f 09.06.2006 No virus found
F-Prot4 4.2.1.29 09.06.2006 No virus found
Ikarus 0.2.65.0 09.06.2006 No virus found
Kaspersky 4.0.2.24 09.06.2006 Trojan-Downloader.Win32.Agent.aqr
McAfee 4845 09.05.2006 Downloader-awe
Microsoft 1.1560 09.06.2006 No virus found
Nod32v2 1.1741 09.06.2006 Probably unknown newheur_pe Virus
Norman 5.90.23 09.06.2006 No virus found
Panda 9.0.0.4 09.05.2006 Trj/Delf. ABZ
Sophos 4.09.0 09.06.2006 No virus found
Symantec 8.0 09.06.2006 No virus found
Thehacker 5.9.8.205 09.06.2006 Posible_worm322
Una 1.83 09.06.2006 No virus found
Vba32 3.11.1 09.05.2006 Trojan-Downloader.Win32.Agent.aqr
Virusbuster 4.3.7: 9 09.06.2006 No virus found

 

Aditional Information
File Size: 31744 bytes
MD5: f932ee7f241695d5ee6527a231795468
Sha1: 6414ec3d64ede47a4eec4cd07166380b223431da
Packers: UPX, embedded

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Related Keywords:
remote access trojan download trojan horse virus download trojan remover download trojan remover free download free trojan horse virus download trojan removal tool free download trojan virus removal free download

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

What's Trending
Top 10 Tags
datastax versions naming convention zookeeper client class definition md5 microsoft sql server 2005 data structures exception handling error handling
Top 10 Keywords
microsoft download center down wordpress address url site address url wordpress address url windows installer 4 0 download 302 not found web address url definition site address url wordpress db2 integer mac os installation step by step pdf abbreviation for return

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More