About contagio exchange

CONTAGIO EXCHANGE
Contagio exchange was created to absorb malware samples shared by readers of Contagio. This is meant to be a community-driven malware collection.
Edit Aug 2013 - The community is busy and Mila too so this was not a very active site (my fault probably) so I will be just dumping malware strings here - it often helps in malware identification and googling is the best way.
With just strings, not exactly a fun blog to read but might become a useful resource over time.
I will not be posting samples here, just md5. You can find the corresponding samples on contagio or ping me if you can't find
M
P.S. Robot pictures delivered by Robohash.com (generated from file hashes)

Tuesday, March 6, 2012

006 Crime - Blackhole CVE-2011-3544 - exploit - Web - Feb 2012

MD5:  85b0f524facca1b00f66e4a7ecb317e4

Download (pass infected)




Name: Java CVE-2011-3544
Category: Crime
Type: exploit
Vector: Web
Sample credit: Mila


Virustotal
SHA256:     c13839854d0d950319ca97538f1cce6e050c5596d21251bb6e925647bf3e13d6
SHA1:     81a274046b2f3fc90c967a6ba26add941cd8ba41
MD5:     85b0f524facca1b00f66e4a7ecb317e4
File size:     4.7 KB ( 4840 bytes )
File name:     /30/xuaqxoewjlcsgsa.jar
File type:     ZIP
Detection ratio:     24 / 43
Analysis date:     2012-02-18 13:47:03 UTC ( 2 weeks, 3 days ago )

Antivirus     Result     Update
AhnLab-V3     -     20120216
AntiVir     EXP/CVE-2011-3544.U     20120217
Antiy-AVL     Exploit/Java.CVE-2011-3544     20120213
Avast     Java:CVE-2011-3544-M [Expl]     20120218
AVG     -     20120218
BitDefender     Trojan.Agent.ATMO     20120218
ByteHero     -     20120216
CAT-QuickHeal     -     20120218
ClamAV     -     20120218
Commtouch     -     20120218
Comodo     UnclassifiedMalware     20120217
DrWeb     Exploit.CVE2011-3544.4     20120218
Emsisoft     Trojan-Dropper.Agent!IK     20120218
eSafe     -     20120216
eTrust-Vet     -     20120217
F-Prot     -     20120218
F-Secure     Trojan.Agent.ATMO     20120218
Fortinet     Java/CVE_2011_3544.L!exploit     20120218
GData     Trojan.Agent.ATMO     20120218
Ikarus     Trojan-Dropper.Agent     20120218
Jiangmin     Exploit.Java.gv     20120217
K7AntiVirus     -     20120217
Kaspersky     Exploit.Java.CVE-2011-3544.l     20120218
McAfee     Downloader.a!b2d     20120218
McAfee-GW-Edition     Downloader.a!b2d     20120217
Microsoft     TrojanDownloader:Java/Comesis.A     20120218
NOD32     Java/Exploit.CVE-2011-3544.H     20120218
Norman     JAVA/Exploit.CVE-2011-3544.A     20120218
nProtect     Trojan.Agent.ATMO     20120218
Panda     -     20120218
PCTools     -     20120217
Prevx     -     20120218
Rising     -     20120217
Sophos     Troj/Java-BD     20120218
SUPERAntiSpyware     -     20120206
Symantec     Trojan.Gen.2     20120218
TheHacker     -     20120218
TrendMicro     JAVA_EXPLOYT.KAT     20120218
TrendMicro-HouseCall     JAVA_EXPLOYT.KAT     20120218
VBA32     Exploit.Java.CVE-2011-3544.l     20120217
ViRobot     -     20120307
VirusBuster     -