[Community-sigs] new signature HTML.Downloader
andreisaygo at live.ie
andreisaygo at live.ie
Sun Nov 30 13:48:30 EST 2014
Signature:
HTML.Downloader:3:*:2e7368656c6c6578656375746522636d642e657865*2e76627326406563686f*2e6f70656e222267657422222c2222687474703a2f2f*2e72752f
(shellexecute"cmd.exe"*.vbs&@echo*.open""get"",""http://*.ru/)
MD5: 392018c50c7bdd1177cc571f64889206
SHA1: b98dbe0a358d79c1d1e3db5801095ccd464cd49c
SHA256: 4681982743593040c1f5288c9eccbf9d4f0797e885785c5130e502ed26be4a51
This one downloads 375fe2b51c3593c1ac6bf01cd30758f4 (password stealer) detected as PUA.Win32.Packer.Upx-48.
Regards,
Andrei Saygo
More information about the Community-sigs
mailing list