[Community-sigs] Win.Adware.SupTab signature
Douglas Goddard
dgoddard at sourcefire.com
Mon Oct 27 15:54:37 EDT 2014
All signatures submitted have been sent in for false positive testing. They
should be published tomorrow if no false positives are found.
Thank you Willian! I will follow up off list when they are live!
On Sun, Oct 26, 2014 at 4:38 AM, Willian Cruz <
willianalbertocruz at outlook.com.br> wrote:
> Good morning guys,
>
>
> Win.Adware.SupTab;Target:1;((0|1|2|3|4)&(5|6|7|8|9|10|11|12|13|14|15))|(16&17&18&19&20);737570736F6674;42484F456E61626C6572;536F6674333635;537570536F6674;537570536F6674;4C6F6164657233322E706462;4C6F6164657236342E706462;525348502E706462;487055492E706462;42484F456E61626C65722E706462;57696E646F7773537570706F7274446C6C33322E706462;57696E646F7773537570706F7274446C6C36342E706462;53656172636850726F7465637433322E706462;4470496E74657266616365446C6C2E646C6C;4470496E74657266616365446C6C36342E706462;5375705461622E706462;2A747970653D2A267569643D2A;2A2E676F6F676C652E636F6D2E2A2F;2A2E7961686F6F2E636F6D2E2A2F;2A2E6176672E636F6D2A;63686C6F657A68616E676C696E67
>
> SHA256 of files used:
>
> 827ed3dd7c0e1b26cdbf4beb0481bc934deed0e6ea23724d9b61b3df55cb592c
> https://malwr.com/analysis/OTBkNDYxYTVlN2U5NGViZjkxNjdjNTM0YmRiZGMxMzM/
> deb54dbaa2b10ac0ad4270ee533d44fb93f76adfd0bed6fb575f2096b47709f2
> https://malwr.com/analysis/ZjUzOTNlYjAyMzQ0NDIyOWFmMjM3OGRjZDlkMTYyYzI/
> 326ae1944ebc617825ebcaabf575575fe854718b1452f6b59a4f1295ab42676c
> https://malwr.com/analysis/NWJmODE2YWIyNzYyNDc5ZTg0NzBjNGY3ZjcwNWE4Njg/
> 1e73ae958fcec12bf56115a15ee8455fe5fdd2dab31a90f8be69c6cd408e0dcb
> https://malwr.com/analysis/MWU2N2I0YWVjNWIzNGU1ZWI3MjljMTVkYWNiNWJjMTU/
> 06e9b2cd4a82ab05483fdd897b0732a9ae3414678b3adbc186f70813b697c5fb
> https://malwr.com/analysis/NTJlMWNjYzVhNjg4NGY5OWE1NmE5NmE2MzBiZjBmMjM/
> 615fab5ab248eb635d740472d12ef4d39887be0465a4414eb9d9bddd6401b3ab
> https://malwr.com/analysis/NDE2NGRiZWE3ODAxNGE3YmJiNjI2YjEwZDBmZmY5YmM/
> 7333021854705775594aefc05a4a6ae914ca36e1913a58c6a9fbe6fda3e7859d
> https://malwr.com/analysis/N2MwNzBkZmMyOWFhNGU2YmE0MjQzOThiMzBkMjViNjU/
> f16b0279c748246f58f04bc6f9787319c96fa1e6ee77ea67862c69f2a052845a
> (wasn't sandboxed)
> 3ab192071def1c5e9ade644cacf233d3e92e18d976ee0d0d19713beb1939d1e7
> https://malwr.com/analysis/NmNiYTdmNzhkNzVlNGE5ZWJlY2FmYmM3ZjdjNjVhZDA/
> 69091ea24f114d71c1af17b2eb04216b53f68cfaeeabf2980f4d7385b871cda5
> (wasn't sandboxed)
> f67aa8c66d98571cda0911b1aba449ecf0d78ea84d142a3a0a92f55ded8cad61
> (wasn't sandboxed)
> 5647e72a121807043e6d974a8f525cf9eacbc4ee53d9b9e7d9927b17b7cd27b0
> https://malwr.com/analysis/ZTk5OWMwNTA5ZjhjNGVjMmE5ZTcwYTljNDY0MjYyMjI/
>
> Cheers,
>
> Willian
>
>
>
> _______________________________________________
> Community-sigs mailing list
> Community-sigs at lists.clamav.net
> http://lists.clamav.net/cgi-bin/mailman/listinfo/community-sigs
>
> http://www.clamav.net/contact.html#ml
>
More information about the Community-sigs
mailing list