[Community-sigs] Win.Trojan.Agent
Askar Dyussekeyev
dyussekeyev at yandex.kz
Sat Oct 3 14:15:02 EDT 2015
Win.Trojan.Agent:1:EP+0:558BEC6AFF68????400068????400064A100000000506489250000000083EC685356578965E833DB895DFC6A02FF15????400059830D????4000FF830D????4000FFFF15????40008B0D????40008908FF15????40008B0D????40008908A1????40008B00A3????4000E8????????391D????4000750C68????4000FF15????400059E8????????68????400068????4000E8????????A1????40008945948D459450FF35????40008D459C508D4590508D45A050FF15????400068????400068????4000E8????????83C424A1????40008B3089758C803E22753A
signature looking for specific piece of code at the entry point
detections:
cf9c2d5a8fbdd1c5adc20cfc5e663c21
0cf9e999c574ec89595263446978dc9f - Win.Trojan.Agent-195528
7aecb34616245eb6b2906358151be55b - Win.Trojan.Agent-195516
929802a27737cebc59d19da724fdf30a - Win.Trojan.Agent-195662
c04c796ef126ad7429be7d55720fe392 - Win.Trojan.Agent-195663
d34e357461c55d90c52309c1ff952b4c - Win.Trojan.Agent-195664
dd21d1ea2146861a4219b1cbdaefe59b - Win.Trojan.Agent-195671
fcdaa67e33357f64bc4ce7b57491fc53 - Win.Trojan.Agent-195515
More information about the Community-sigs
mailing list