contagio malware exchange: 012 - Crime - ZeroAccess.D -rootkit - Web

About contagio exchange

CONTAGIO EXCHANGE Contagio exchange was created to absorb malware samples shared by readers of Contagio. This is meant to be a community driven malware collection.

Edit Aug 2013 - The community is busy and Mila too so this was not a very active site (my fault probably) so I will be just dumping malware strings here - it often helps in malware identification and googling is the best way.

With just strings, not exactly a fun blog to read but might become s useful resource over time.

I will not be posting samples here, just md5. You can find the corresponding samples on contagio or ping me if you can't find

P.S. Robot pictures delivered by Robohash.com (generated from file hashes)

Wednesday, April 4, 2012

012 - Crime - ZeroAccess.D -rootkit - Web - Feb-Mar 2012

MD5 07665069649a5b4df0316c29ec2b0cdc

Download (pass infected)

SHA256:	9ed60d93d43fc9a8a670e4eab9c0ddda65b59567bad2ffe17f4518d1ad368415
SHA1:	1cc11aa2d3936188b47658b73c6044aca84543f5
MD5:	07665069649a5b4df0316c29ec2b0cdc
File size:	56.1 KB ( 57472 bytes )
File name:	07665069649a5b4df0316c29ec2b0cdc
File type:	Win32 DLL
Detection ratio:	36 / 41
Analysis date:	2012-04-02 04:42:34 UTC ( 2 days, 21 hours ago )

Antivirus	Result	Update
AhnLab-V3	Trojan/Win32.ZAccess	20120401
AntiVir	TR/Rootkit.Gen	20120401
Antiy-AVL	-	20120401
Avast	Win32:Rootkit-gen [Rtk]	20120401
AVG	BackDoor.Generic13.BKJK	20120402
BitDefender	Gen:Variant.Sirefef.1	20120402
ByteHero	-	20120328
CAT-QuickHeal	RootKit.ZAccess.A	20120401
ClamAV	Trojan.Rootkit-3026	20120402
Commtouch	W32/Rootkit.M.gen!Eldorado	20120401
Comodo	TrojWare.Win32.Rootkit.ZAccess.A	20120401
DrWeb	BackDoor.Maxplus.13	20120402
Emsisoft	Trojan-Dropper.Win32.Sirefef!IK	20120402
eTrust-Vet	Win32/Sirefef.C!generic	20120331
F-Prot	W32/Rootkit.M.gen!Eldorado	20120401
F-Secure	Gen:Variant.Sirefef.1	20120402
Fortinet	W32/Dropper.36D7!tr.rkit	20120401
GData	Gen:Variant.Sirefef.1	20120402
Ikarus	Trojan-Dropper.Win32.Sirefef	20120402
Jiangmin	Rootkit.ZAccess.y	20120331
K7AntiVirus	Trojan	20120331
Kaspersky	Virus.Win32.ZAccess.c	20120402
McAfee	Generic Rootkit.ev	20120402
McAfee-GW-Edition	Generic Rootkit.ev	20120401
Microsoft	TrojanDropper:Win32/Sirefef.B	20120401
NOD32	Win32/Rootkit.Agent.NUT	20120402
Norman	W32/ZAccess.R	20120401
nProtect	-	20120401
Panda	Generic Malware	20120401
PCTools	Trojan.Zeroaccess	20120326
Rising	RootKit.Win32.Sirefef.a	20120401
Sophos	Troj/ZAccess-D	20120402
SUPERAntiSpyware	-	20120329
Symantec	Trojan.Zeroaccess!inf	20120401
TheHacker	Trojan/ZAccess.c	20120401
TrendMicro	TROJ_DRPR.SMUS	20120401
TrendMicro-HouseCall	TROJ_DRPR.SMUS	20120402
VBA32	Rootkit.ZAccess.c	20120330
VIPRE	Trojan.Win32.Sirefef.cr (v)	20120402
ViRobot	-	20120402
VirusBuster	Rootkit.ZAccess!+gmGVd9rpBM	20120401