[Community-sigs] new sigs W97M/VBA TrojanDownloader.Drixed

Alain Zidouemba azidouemba at sourcefire.com
Fri Jan 9 19:24:45 EST 2015


Thanks for your signatures Andrei. We will review them and get back to you
shortly.

- Alain

On Fri, Jan 9, 2015 at 7:55 AM, <andreisaygo at live.ie> wrote:

> Signatures:
>
> W97M.TrojanDownloader.Drixed:2:*:57696E3634{-10}50747253616665{-10}55524C446F776E6C6F6164546F46696C6541{-70}75726C6D6F6E{-20}4D7367426F78{-40}4175746F4F70656E{-10}576F726B626F6F6B5F4F70656E{-80}4372656174654F626A656374
>
>
> VBA.TrojanDownloader.Drixed:7:*:2369662077696E3634207468656E2070726976617465206465636C61726520707472736166652066756E6374696F6E2075726C646F776E6C6F6164746F66696C6561206C6962202275726C6D6F6E222028627976616C20*6966203D2075726C646F776E6C6F6164746F66696C65612830262C202C202C2030262C20302629*736574203D206372656174656F626A65637428*222929202E6F70656E20656E6420737562
>
>
> Hashes:
> W97M.TrojanDownloader.Drixed
> MD5: 61a314f2b18f93d65724abb84f0df3b9
> SHA1: b726e32efa9b49ee38fdb4e2585ef4d7991468ef
> SHA256: d75b7a1865bed23978462197e7b5d8f1f25dd7eec8244d29f4710dc22bf6e36e
>
>
> VBA.TrojanDownloader.Drixed
> MD5: 7419ed7a1d0cdef5ead25296bcaf1bab
> SHA1: a535ffabb8bf4508070d4f61ca07d2efcf351d2b
> SHA256: de97f36bd9172af0a8b4ab0a5580a513b6d783bac95e469acbadbaa6d017d27c
>
>
> W97M.TrojanDownloader.Drixed sig:
>
> Win64*PtrSafe*URLDownloadToFileA*urlmon*MsgBox*AutoOpen*Workbook_Open*CreateObject
>
>
> Regards,
> Andrei Saygo
>
>
> _______________________________________________
> Community-sigs mailing list
> Community-sigs at lists.clamav.net
> http://lists.clamav.net/cgi-bin/mailman/listinfo/community-sigs
>
> http://www.clamav.net/contact.html#ml
>


More information about the Community-sigs mailing list