About contagio exchange

CONTAGIO EXCHANGE

Contagio exchange has been created to absorb malware samples shared by readers of Contagio. This is meant to be a community-driven malware collection. The site offers an upload dropbox for you to share your general (non-mobile) malware samples and follows the same post format as you see on Contagio Mobile. You can also download any samples individually or in one zip. Please be kind to the housekeeper (Mila) and follow The Rules.


Saturday, March 3, 2012

002 Gov - Bundestrojan - for government surveillance - Trojan - Oct 2011

MD5  930712416770A8D5E6951F3E38548691
D6791F5AA6239D143A22B2A15F627E72

Download (pass infected)




Name:     Bundestrojaner
Category:     crime
Type:     trojan
Vector:     gov install
Sample credit:     anonymous
Other links:     http://ccc.de/de/updates/2011/staatstrojaner




Virustotal
SHA256:     be36ce1e79ba6f97038a6f9198057abecf84b38f0ebb7aaa897fd5cf385d702f
SHA1:     e4f07b5a443cd99fd45cb5e1445ac2c1be4b455e
MD5:     930712416770a8d5e6951f3e38548691
File size:     352.0 KB ( 360448 bytes )
File name:     mfc42ul.dll
File type:     Win32 DLL
Tags:     armadillo
Detection ratio:     39 / 43
Analysis date:     2012-02-13 16:41:55 UTC ( 2 weeks, 4 days ago )
Antivirus     Result     Update
AhnLab-V3     Win-Trojan/R2d2.360448     20120213
AntiVir     TR/GruenFink.1     20120213
Antiy-AVL     Backdoor/Win32.R2D2.gen     20120213
Avast     Win32:R2D2-L [Trj]     20120213
AVG     BackDoor.Generic14.BBFR     20120213
BitDefender     Trojan.Generic.6714587     20120213
ByteHero     -     20120211
CAT-QuickHeal     Backdoor.R2d2.a     20120213
ClamAV     Trojan.BTroj-1     20120213
Commtouch     W32/R2D2.A     20120213
Comodo     Backdoor.Win32.R2D2.~B1     20120213
DrWeb     BackDoor.RTwoDTwo.1     20120213
Emsisoft     Backdoor.Win32.R2D2!IK     20120213
eSafe     Win32.Backdoor.Earlt     20120213
eTrust-Vet     Win32/R2D2.A     20120213
F-Prot     W32/R2D2.A     20120213
F-Secure     Backdoor:W32/R2D2.A     20120213
Fortinet     W32/R2D2.A!tr.bdr     20120213
GData     Trojan.Generic.6714587     20120213
Ikarus     Backdoor.Win32.R2D2     20120213
Jiangmin     Backdoor/R2D2.c     20120212
K7AntiVirus     Backdoor     20120213
Kaspersky     Backdoor.Win32.R2D2.a     20120213
McAfee     BackDoor-FCA     20120213
McAfee-GW-Edition     BackDoor-FCA     20120212
Microsoft     Backdoor:Win32/R2d2.A     20120213
NOD32     Win32/R2D2.A     20120213
Norman     W32/R2D2.A     20120213
nProtect     Backdoor/W32.R2D2.360448     20120213
Panda     Trj/Bundestrojaner.A     20120213
PCTools     Backdoor.R2D2     20120207
Sophos     Troj/BckR2D2-A     20120213
SUPERAntiSpyware     -     20120206
Symantec     Backdoor.R2D2     20120213
TheHacker     Trojan/R2D2.a     20120213
TrendMicro     BKDR_R2D2.A     20120213
TrendMicro-HouseCall     BKDR_R2D2.A     20120213
VBA32     Trojan.Polizei     20120213
VIPRE     Backdoor.Win32.R2D2.a (v)     20120213
ViRobot     Backdoor.Win32.R2D2.360448     20120213
VirusBuster     Backdoor.R2D2!w/vENfl9bd8     20120213

This is #SPYWARE
---------------------------------
Huntsville PC Repair Computer Repair Virus Removal IT Services Huntsville Alabama
Posted 1 month ago by http://www.hsvpcrepair.com/
Component of the so-called 'Bundestrojaner' (ger. for federal trojan) of the German government.

"#Bundestrojaner" is the slang-word for a Trojan horse malware program initiated by German politicians and the German government to get access to each private PC connected to the Internet.


http://ccc.de/de/updates/2011/staatstrojaner
#malware #bundestrojaner #r2d2 #360448 #6714587
Posted 1 month, 3 weeks ago by Smartcom5
very useful spy tool
#malware #spamattachmentorlink #networkworm #drivebydownload #r2d2 #360448 #6714587
Posted 4 months, 2 weeks ago by anonymous
Bundestrojaner - 0zaptis -R2D2

Trojan Backdoor

#Bundestrojaner
#0zaptis
#R2D2
#malware #bundestrojaner #r2d2 #r2d2 #360448 #6714587
Posted 4 months, 2 weeks ago by Krypto_Graph
#malware #r2d2 #360448 #6714587
Virustotal

SHA256:     3407bf876e208f2dce3b43ccf5361c5e009ed3daf87571ba5107d10a05dc7bc4
SHA1:     7bd8d737460c1dbbfc4b250fb1b6b906ed643a2d
MD5:     d6791f5aa6239d143a22b2a15f627e72
File size:     5.3 KB ( 5376 bytes )
File name:     winsys32.sys
File type:     Win32 EXE
Detection ratio:     40 / 43
Analysis date:     2012-01-26 09:54:26 UTC ( 1 month, 1 week ago )

Antivirus     Result     Update
AhnLab-V3     Win-Trojan/R2d2.5376     20120125
AntiVir     TR/GruenFink.2     20120125
Antiy-AVL     Backdoor/Win32.R2D2.gen     20120126
Avast     Win32:R2D2-F [Trj]     20120126
AVG     BackDoor.Generic14.BBFQ     20120126
BitDefender     Backdoor.Agent.AAZH     20120126
ByteHero     -     20120125
CAT-QuickHeal     Trojan.R2d2.roo     20120125
ClamAV     Trojan.BTroj     20120126
Commtouch     W32/R2D2.A     20120126
Comodo     Backdoor.Win32.R2D2.B     20120125
DrWeb     BackDoor.RTwoDTwo.1     20120126
Emsisoft     Backdoor.Win32.R2D2!IK     20120126
eSafe     Win32.Backdoor.Earlt     20120125
eTrust-Vet     Win32/R2D2.A     20120125
F-Prot     W32/R2D2.A     20120125
F-Secure     Backdoor:W32/R2D2.A     20120126
Fortinet     W32/R2D2.A!tr.bdr     20120126
GData     Backdoor.Agent.AAZH     20120126
Ikarus     Backdoor.Win32.R2D2     20120126
Jiangmin     Backdoor/R2D2.a     20120125
K7AntiVirus     Backdoor     20120125
Kaspersky     Backdoor.Win32.R2D2.a     20120126
McAfee     BackDoor-FCA!sys     20120126
McAfee-GW-Edition     BackDoor-FCA!sys     20120126
Microsoft     Trojan:Win32/R2d2.A!rootkit     20120126
NOD32     Win32/R2D2.A     20120126
Norman     W32/R2D2.A     20120125
nProtect     Backdoor/W32.R2D2.5376     20120126
Panda     Trj/Bundestrojaner.A     20120125
PCTools     Backdoor.R2D2     20120126
Prevx     -     20120126
Rising     Trojan.Win32.Generic.12A1BF23     20120118
Sophos     Troj/BckR2D2-A     20120126
SUPERAntiSpyware     -     20120126
Symantec     Backdoor.R2D2     20120126
TheHacker     Trojan/R2D2.a     20120126
TrendMicro     RTKT_R2D2.A     20120126
TrendMicro-HouseCall     RTKT_R2D2.A     20120126
VBA32     Backdoor.R2D2.a     20120125
VIPRE     Trojan.Win32.R2D2.a!rootkit (v)     20120126
ViRobot     Backdoor.Win32.R2D2.5376     20120126
VirusBuster     Backdoor.R2D2!uglG32Y6ai0     20120126

Component of the so-called 'Bundestrojaner' (ger. for federal trojan) of the German government.

"#Bundestrojaner" is the slang-word for a Trojan horse malware program initiated by German politicians and the German government to get access to each private PC connected to the Internet.


http://ccc.de/de/updates/2011/staatstrojaner
#malware #bundestrojaner #r2d2 #aazh #5376
Posted 1 month, 3 weeks ago by Smartcom5
Bundestrojaner driver

#Bundestrojaner
#0zaptis
#R2D2
#malware #bundestrojaner #r2d2 #r2d2 #agent #aazh
Posted 4 months, 2 weeks ago by Krypto_Graph
malware of the Bundestrojaner
http://www.heise.de/newsticker/meldung/CCC-knackt-Bundestrojaner-1357670.html
#malware
Posted 4 months, 3 weeks ago by anonymous
Unsigned 32bit kernel mode driver with local privilege escalation, file planting, registry modification and keylogger functionality.

Part of the German federal republic trojan / (lawful?) spying tool.
#malware #r2d2 #aazh #agent
Posted 4 months, 3 weeks ago by anonymous
Government malware for citizen surveillance.
#earltwo #r2d2 #btroj