[Community-sigs] new sigs W97M/VBA TrojanDownloader.Drixed

andreisaygo at live.ie andreisaygo at live.ie
Fri Jan 9 07:55:23 EST 2015


Signatures:
W97M.TrojanDownloader.Drixed:2:*:57696E3634{-10}50747253616665{-10}55524C446F776E6C6F6164546F46696C6541{-70}75726C6D6F6E{-20}4D7367426F78{-40}4175746F4F70656E{-10}576F726B626F6F6B5F4F70656E{-80}4372656174654F626A656374

VBA.TrojanDownloader.Drixed:7:*:2369662077696E3634207468656E2070726976617465206465636C61726520707472736166652066756E6374696F6E2075726C646F776E6C6F6164746F66696C6561206C6962202275726C6D6F6E222028627976616C20*6966203D2075726C646F776E6C6F6164746F66696C65612830262C202C202C2030262C20302629*736574203D206372656174656F626A65637428*222929202E6F70656E20656E6420737562


Hashes:
W97M.TrojanDownloader.Drixed
MD5: 61a314f2b18f93d65724abb84f0df3b9
SHA1: b726e32efa9b49ee38fdb4e2585ef4d7991468ef
SHA256: d75b7a1865bed23978462197e7b5d8f1f25dd7eec8244d29f4710dc22bf6e36e


VBA.TrojanDownloader.Drixed
MD5: 7419ed7a1d0cdef5ead25296bcaf1bab
SHA1: a535ffabb8bf4508070d4f61ca07d2efcf351d2b
SHA256: de97f36bd9172af0a8b4ab0a5580a513b6d783bac95e469acbadbaa6d017d27c


W97M.TrojanDownloader.Drixed sig:
Win64*PtrSafe*URLDownloadToFileA*urlmon*MsgBox*AutoOpen*Workbook_Open*CreateObject


Regards,
Andrei Saygo

 		 	   		  


More information about the Community-sigs mailing list