About contagio exchange

CONTAGIO EXCHANGE
Contagio exchange has been created to absorb malware samples shared by readers of Contagio. This is meant to be a community driven malware collection. The site offers an upload dropbox for you to share your general (non-mobile) malware samples and follows the same post format as you see on Contagio Mobile. You can also download any samples individually or in one zip. Please be kind to the housekeeper (Mila) and follow The Rules.

CONTAGIO MINI DUMP - MOBILE MALWARE
Contagio Mobile Mini-dump is a community driven mobile malware collection. The site offers an upload dropbox for you to share your mobile malware samples. You can also download any samples individually or in one zip.
CONTAGIO MALWARE DUMP
Contagio Malware Dump is a personal malware analysis site maintained by Mila. If you need any samples from there, email her for the password - email address is in the profile.

Sunday, March 11, 2012

010 - Crime - GameOver Zeus (with P2P and DGA) -trojan- - Web - Feb 2012

MD5:    29bd4104db1417d8323d124ab355e232

Download (pass infected)





Name:     Gameover Zeus variant (with P2P and DGA)
Category:     Crime
Type:     trojan
Vector:     Web
Sample credit:     anonymous
Date:     Feb 2012


https://www.virustotal.com/file/701b1a1a8f6b59c2ec79776d332a3149f9d5e2ae449214a13a5f76c371fec522/analysis/1331487539/

SHA256:     701b1a1a8f6b59c2ec79776d332a3149f9d5e2ae449214a13a5f76c371fec522
SHA1:     6027557ace4158d21b771503ed3d84f8911134a8
MD5:     29bd4104db1417d8323d124ab355e232
File size:     321.5 KB ( 329192 bytes )
File name:     melt.exe
File type:     Win32 EXE
Detection ratio:     36 / 43
Analysis date:     2012-03-11 17:38:59 UTC

Antivirus     Result     Update
AhnLab-V3     Spyware/Win32.Zbot     20120310
AntiVir     TR/PSW.Zbot.142     20120311
Antiy-AVL     Trojan/Win32.Zbot.gen     20120311
Avast     Win32:Crypt-LKD [Trj]     20120311
AVG     PSW.Generic9.BJJL     20120311
BitDefender     Gen:Variant.Kazy.54668     20120311
ByteHero     -     20120309
CAT-QuickHeal     TrojanPWS.Zbot.Y     20120311
ClamAV     Trojan.Spy.Zbot-568     20120311
Commtouch     W32/Zbot.DQ.gen!Eldorado     20120311
Comodo     TrojWare.Win32.Spy.ZBot.DIWT     20120311
DrWeb     Trojan.PWS.Panda.1698     20120311
Emsisoft     Trojan-Spy.Win32.Zbot!IK     20120311
eSafe     -     20120308
eTrust-Vet     Win32/Zbot.AA!generic     20120310
F-Prot     W32/Zbot.DQ.gen!Eldorado     20120311
F-Secure     Gen:Variant.Kazy.54668     20120311
Fortinet     W32/Zbot.DIVN!tr     20120311
GData     Gen:Variant.Kazy.54668     20120311
Ikarus     Trojan-Spy.Win32.Zbot     20120311
Jiangmin     TrojanDropper.Injector.lbl     20120301
K7AntiVirus     Spyware     20120310
Kaspersky     Trojan-Spy.Win32.Zbot.divn     20120311
McAfee     PWS-Zbot.gen.re     20120308
McAfee-GW-Edition     PWS-Zbot.gen.re     20120311
Microsoft     PWS:Win32/Zbot.gen!AF     20120311
NOD32     Win32/Spy.Zbot.AAN     20120311
Norman     W32/Agent.XEHW     20120310
nProtect     Trojan-Spy/W32.ZBot.329192     20120311
Panda     Generic Trojan     20120311
PCTools     -     20120311
Prevx     -     20120311
Rising     -     20120309
Sophos     Troj/Zbot-BJZ     20120311
SUPERAntiSpyware     -     20120308
Symantec     Trojan.Zbot!gen30     20120311
TheHacker     Trojan/Spy.Zbot.dixa     20120309
TrendMicro     TSPY_ZBOT.SMKS     20120311
TrendMicro-HouseCall     TSPY_ZBOT.SMKS     20120311
VBA32     TrojanSpy.Zbot.diwt     20120311
VIPRE     Trojan.Win32.Zbot.bjz (v)     20120311
ViRobot     -     20120311
VirusBuster     TrojanSpy.Zbot!9voVWKfmClE     20120311

The file is a malware known as "CRDF.Trojan.PWS.Win32.PEx.Delphi.9883274346". Report on this threat: http://threatcenter.crdf.fr/?More&ID=70808 - 70808 -
#malware