Tuesday, March 9, 2010

Mar 8 Trojan Win32.Magania from www71625@yahoo.com.tw

The message contains a password-protected RAR archive with 第一乞丐潮哥.cmd (Size: 284694, MD5: D84C9278AF1C162AFF8BA617B56BA645) inside.

From: www71625 [mailto:www71625@yahoo.com.tw]
Sent: Monday, March 08, 2010 6:53 PM
To: XXXXX
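Subject: Super awesome, the legend of China's number one handsome guy, outshining real-life stars.. archive password 668

How about that? Brother is so sharp and so stylish, the internet has never been lonely. And he is not willing to be lonely either--..archive password 668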



Result: 15/42 (35.72%)
AntiVir    8.2.1.180    2010.03.05    TR/Drop.Agen.283856
AVG    9.0.0.787    2010.03.07    PSW.OnlineGames3.AEQN
DrWeb    5.0.1.12222    2010.03.07    Trojan.Packed.1132
F-Secure    9.0.15370.0    2010.03.07    Trojan:W32/Agent.NRR
Fortinet    4.0.14.0    2010.03.07    SPY/Magania
Ikarus    T3.1.1.80.0    2010.03.07    Worm.Win32.Taterf
Kaspersky    7.0.0.125    2010.03.07    Trojan-GameThief.Win32.Magania.cxsb
McAfee    5912    2010.03.06    New Malware.bl
McAfee+Artemis    5912    2010.03.06    New Malware.bl
McAfee-GW-Edition    6.8.5    2010.03.07    Trojan.Drop.Agen.283856
Microsoft    1.5502    2010.03.07    VirTool:Win32/Obfuscator.EX
Panda    10.0.2.2    2010.03.07    Trj/CI.A
Sophos    4.51.0    2010.03.07    Sus/UnkPack-C
Sunbelt    5780    2010.03.07    VirTool.Win32.Obfuscator
Symantec    20091.2.0.41    2010.03.07    Backdoor.Graybird
Additional information
File size: 284694 bytes
MD5...: d84c9278af1c162aff8ba617b56ba645

Symantec and PC Tools detect it as Graybird, aka Gray Pigeon, but it is not. It is a classic Magania trojan described here by F-Secure.