[Community-sigs] Win.Adware.Somoto (2 more)
Arnaud Jacques / SecuriteInfo.com
webmaster at securiteinfo.com
Sat May 23 02:23:26 EDT 2015
Hello sigmakers,
Win.Adware.Somoto:0:*:5c496e7374616c6c00fd9a80005b52414e444f4d5f535452494e475d2e72617200556e5241522e65786500fd9a805c6e73457865632e646c6c00556e5261722e6578652065202d6870{4}2f{2}2f{2}2d{2}3a{2}3a{2}205b52414e444f4d5f535452494e475d2e7261720045786563546f537461636b00556e5261722e65786500fda0800022fd9a805c696e7374616c6c(30|
31|32|33|34|35|36|37|38|39)(30|31|32|33|34|35|36|37|38|39)(30|31|32|33|34|35|
36|37|38|39)(30|31|32|33|34|35|36|37|38|39)(30|31|32|33|34|35|36|37|38|
39)2e6578652220fda08000637370726f64756374005555494400574d494320fd81802047657420fd8280202f464f524d41543a7465787476616c75656c6973742e78736c002f4f454d0020000d000a00090031303234002f7575696420fd80800062696f730053657269616c4e756d626572
Win.Adware.Somoto:0:*:5c496e7374616c6c00fd9a8000{3}(30|31|32|33|34|35|36|37|
38|39)(30|31|32|33|34|35|36|37|38|39)(30|31|32|33|34|35|36|37|38|39)(30|31|32|
33|34|35|36|37|38|39)2e65786500fd9a805c6e73457865632e646c6c00{3}(30|31|32|33|
34|35|36|37|38|39)(30|31|32|33|34|35|36|37|38|39)(30|31|32|33|34|35|36|37|38|
39)(30|31|32|33|34|35|36|37|38|
39)2e657865202d79202d7022{32}220045786563546f537461636b00fda0800022fd9a805c696e7374616c6c(30|
31|32|33|34|35|36|37|38|39)(30|31|32|33|34|35|36|37|38|39)(30|31|32|33|34|35|
36|37|38|39)(30|31|32|33|34|35|36|37|38|39)(30|31|32|33|34|35|36|37|38|
39)2e6578652220fda08000637370726f64756374005555494400574d494320fd81802047657420fd8280202f464f524d41543a7465787476616c75656c6973742e78736c002f4f454d0020000d000a00090031303234002f7575696420fd80800062696f730053657269616c4e756d626572
File type *is* 0, not 1. Please do not change or detection will be lost.
Number of samples detected by the signature : 1024
MD5 of detected samples (just a few) :
d9c29c84e554fe45193e984648375df2
d0251145f2b2c0bade59b7143606f981
b162d9b2a5a29c46e7fd88b4b3a63a2f
5b34afa07753588e4d73cb65cf23dc20
512c3b15ad96570c18a2e0550f37d858
b5104194e593394ca846699ca306fc8c
d477faac76bb7b28300e954839ebcba8
09b82acfa02c20f432cfc1d7a3ad07f4
9834ef2ce8c2ede2fcfb997a7782e6d4
50034b6ddf57cede7377f924cab80f68
a3e7f5d7471079c857dff7ed4e97f337
e94886270df2e599e396b69fdd7d0b12
d8ae53c04e895b4aa6e150ded9a2cf81
765aa95fced453514bd979ce07395c4e
5f6327c7b752474b5bb325aae98306f6
23da85b7f43a8b1bb841e177d5cb2e52
2cfe32a4f3027d05288ac5942574011a
3eeee47559d9f3a646e2746146c958b0
f1cded9750d4b1b4e920c26ffd219ee6
6258ff79d12d8a1f54d33db28974d2d1
cb0906ffa389499c6173157476287628
a35908d79f790b75d7d4ab8c77056f4a
2b7cefa250c9c18cd241d6bdef2c99e2
1c115d705bd667aaaebcb44e3360faec
02f8343e38ca041db5b599913609fd63
e87f6993b8241498960b6ab2bfb29fb8
9897a6cb3509489ac62e995e0fb6ea89
4e109bb028eeb95dcd4d5405c5ae803d
858de3501bbb214c4593b7e977f04dee
a4551329ad23b9260138fe09cbad4b01
2c81adf9051762663807ac4dbaaad7b6
4b160d3b801978506240ce1aca5b5fba
d488f24999850d50ec9587a08fa3f204
b0e17dbc6fc411b1628f1457f2f95a1a
dee95368fbdb3c2a6a6aeb6f52ea9df8
41982117f90a99154468c8ff8a9efc9c
424e92ca1b025dd3f08d738b2123165e
e892d930dab7ba36d7c5fed75e2fbcc9
5701a45b9b00aa19ce36c8d75a4c67d0
2c8c493993a03977e7be058fc1702b98
700f02968adc2776b0b712bf372fd9b6
569fc834f1d055470d2ac9b815d124e2
a66372cb4fa501008b8ddb32dc28fb02
5743a19038577bf9c011efe18c14d88c
cde26fd21c3ca6b0bae93a371154661e
cc05c96e55d08ea2b6e0a9e66c7e2902
4e38bb794a35db65089fba5d4d919cf3
e59cda9f40cdf8142bc5272b3f320f89
1afffac777db60f75e3d0874b70bee03
5b795d820b7e2607200b6a7bd7eab251
7d7629062991203b64aa10ed7706209a
a58ae3385c8944835d92cf432f1354fe
ea326dbeea2e52fc03d844d0683d98a3
c07dbf982e6c632abb68bfd6c786273f
82fb493c584bae085b90d5aa12486595
622130081ee6b77c794b57eeb7a78774
4f9f4be9223b9549047bb46e48aa6701
7a80639992552e4d48dfb79d133b83d7
f0bbebaa8caed3a1911623c5fe18572e
58645d979a0dbd115ecd5890449d3abf
094d224853d2f8efefc2432fe549444d
058a32da23e7ebfbf4d323606dcb0cde
2fe34578572edd9e3dcbb566dcfb5de1
222224548f2c3b42297783b15717c653
98f9a16941ea3ecaf5e0ca39e702a55a
5e91b9c4804bc437b230d2c4a3f02395
3d9f6b5d210a995a0688fc99745359e5
6667a3164e78195e4a07d3a8264d9129
2da593a093c5306c0d49ea1dd8e304c8
52bdc1863f2cf5cd9681a6f78a81a0f7
5f14d34f73b044fbbf197dfe83a7e806
5512d8967464d09215e867e02bd5256e
bcbfb589b64b362c6c06b79e810e127b
edf29ca03706d1b10a56497a79de7e79
a1c8716b501da7f8c4e889ec4818856e
cbca5cc7f7c2501643e09d5fcca4f319
eb4147637e035ec56d4cc7c47ef88ff1
99b614c630845e171ea112d1526216e3
eb870284846d92eae937881ca3bfbb3f
f03b630a92b0b1bd0e6347a91ec66d17
f3af5281efa2bf9f342300d5cd21ba23
850bafcdfecacd72a30aec57598bdb8d
af8f1a31f9fe516f4ea4749123ee26c1
1bfb6d67e897d613907fc45c63adba1c
b68294ac68af84cdf970d8758bb22081
7177c2b7b34bfe76fd92450ae48cd1d3
c11b73d87b093374909fe11a3cddcdbc
fe33182416b9c35cea53db182f5f3d15
475ef2771dee8a718e0b1cceceee50dc
913953eef6ef52c4f92479740e2fc6ad
857013b4c04e77eceb77a5d3d063024c
b985479e952777cae2f8c6ee83584bb5
861cb916c0b20e9cbf391e5d60101930
25f2e5a3bb5d7c3b46fd7af5799b4b1d
edfe6dd4a7289aa3f74c7e72a672e2f6
7c71057d2e06eaf175f5e3e2b4fe54fe
f60826c27d93ed9418b45d3f5b53bc0c
171d22233f5b4597be75bc91b0a2eaa5
44c69076b6e53055ce78b61b08ab2983
e796acd0497aa335fdabc2eb126ac678
d951b1e9b4262b025725bd4ba4200938
26c44c0b0d9a94359dce9e1bf71aae24
afdf309ec57d57ce81195a83d2ed1c85
08d5666b73a195fdc7c1d71d5016f5c7
285a4ff7d9708ba8d54d1750ca60e768
dddd0899f33d8da9bf558568783a8a25
0a68b36e6aba7c890da12c6b485321a2
9f97e5f466f84895dc1c764a3a75ed47
b3f60b8f22c7629a800a807a0006ff3f
--
Best regards,
Arnaud Jacques
SecuriteInfo.com
Facebook : https://www.facebook.com/pages/SecuriteInfocom/132872523492286
Twitter : https://twitter.com/SecuriteInfoCom
More information about the Community-sigs
mailing list