[Community-sigs] Win.Trojan.Crypt
Emmanuel Tacheau
etacheau at sourcefire.com
Sat Sep 19 04:29:17 EDT 2015
Thank you! This will be reviewed and FP checked today, and will likely be
published on Monday.
On Fri, Sep 18, 2015 at 1:25 PM, Arnaud Jacques / SecuriteInfo.com <
webmaster at securiteinfo.com> wrote:
> Hello sigmakers,
>
> Win.Trojan.Crypt:1:EP+0:558bec6aff68????400068??
>
> 37400064a100000000506489250000000083c4985356578965e8c745fc000000006a02ff15??
> 40400083c404c705????4000ffffffffc705????4000ffffffffff15??4040008b0d????
>
> 40008908ff15??4040008b15????40008910a1??4040008b08890d????4000e886010000a1????
> 400085c0750e68??374000ff15??
> 40400083c404e83a010000680c6040006808604000e81d01000083c4088b15????
> 40008955948d4594508b0d????4000518d559c528d4590508d4da051
>
> Number of samples detected by the signature : 87
>
> MD5 of detected samples :
> 498e80bc3d2330edda0188e59fd9ee4d
> ea8eebc5c0438324947c09cbff6768f7
> 6f71b79c4d5776e984c3bb281cab89a0
> e7bc4bf91c110a3413a21f3a6382d8ff
> 6f883bf02e5075a7d56794e1180d1965
> 43f278c6b1c6a634de84a1b1a2254df9
> 3c05f6643ae3c1edec1807a395c737b9
> 1036b5e2e3fedfed6b2974d9134aadbc
> d2319aa85905775bd3f187cb42143852
> 588d1dcb12c444f1df15907526b2041e
> 03cbb0ba3258f06014507508fe1cb06c
> 336e9c97a855d2ec3f282de2e327af97
> b1adc8a2ecebbec9b97fbeef20637a9e
> 9f0dd87599f8fdd05d355c2a60ecd33d
> d76ab24d3d9f771fb41ddfbe113c3117
> e32c78100427bfeb7ad1b0357900dd71
> 497d6713daef59dce32fe118477de8f0
> 03857ceebb397ba9eafdbf68f475b3de
> 7f745fdfb7aada54f673c5816b40550f
> 137408f7f5e315b9e1c1258c4b619bba
> f5f5521f22737ba32954e9a73795091d
> 8a1a54af4c8619a490aea3a2810d5caf
> 9051305522ce2e587aa4499747c1379c
> 8ba64ba1eda40ffea37690a3e7dcab92
> feeac4bad7010b2bcf37e7713ec38e74
> 5fdb8ba78636e7faa764104013f8d544
> 849e72b293add8ce2665d5b71b7abf58
> 3a001c8f53eb68f3f8ba3d2ade8f5656
> 5702d049fc52715ba4168132f349f44a
> 434b0b61890fb0ca08a1b223168b0eac
> 364d0fd817dec2d16389c0a4f985bed2
> 316beede71291a746e869d9837ef7734
> 2f79c2bbb7042a4a0e5cb094c11aea2b
> f0f04cac106147c68589096e7ab962cc
> e9a557aaae55201f5cdb8e41b610b798
> 473cf75adb41f33d8b1a83761f951bdf
> 5d206daff65d8bc48c1dc0aa0041fcfe
> 2a20dcfa66f4e70f132d53d49122f3d5
> c3c71cbb60326bfd88acc637ec98af97
> 2645a228f737f8f02fba22afbe481dfb
> 097c81174ac283dbddc2634c4bc9c2f6
> 0c6a5ff63b62f69a67588d89736eb6ed
> cb8b2dd1fe0b13a41e5e4d1a6bd17f77
> 5bd36d888695fb3efda63d318c0df2f6
> 343f92b47782740eae76b8273b58d092
> d0ee8202fa5d2683840a164566257aeb
> a793e9c261d5c54f6d08e3947138e6cd
> 2886f9444a81ae05eeb7104788554ffa
> a5b9428e5106c81eac2445f04bc7bb96
> a452eea999e876c67a0f2fdd8d2b373b
> 4e51730d013e759f3e9e1b664f2c22df
> b9f2a5217b8b9c2414a4f7e5431213fc
> 3afbdb6ac216d7c7efe6c4ec2654e1b9
> 5f3a6e4c318f22ceff7c600f9bbb137f
> ee9934045d1f49c01c292e7c72e963fd
> a3fae711fa6b02dc37bf7cbec1d95529
> 5c1700650fca66f405b5e601da1ec6a3
> 15da20f0a79c44a28c44edc2608db49a
> b8bc817a97999fc514ef0bf2cae18ef3
> 05934bf88ac3b74183c98520be82486d
> 686657d258de69330c2c8f01f0d76447
> 75e2009ffd4435e5834f378eb1081625
> 3d08cff76b541f24d030f2bfda630474
> f798967514384549a00ba3809ae9f2f8
> 693135d3e9353a816084326503d57426
> f5ae44a1bb90d329222724a6ebbd4284
> 2c2ee5f9d6654c508600272d610283f6
> 5e1eb317c02f6adeffc72087067a0151
> a930243cd55d275c470b384bd47544c9
> d7a7b486e8707161a953ab99cce27f01
> 47fccf2df89d2669093c37773f117cd1
> 6ca1f3024484254f35753028d194f222
> 2eda7e3e64eafc66976268367de830f5
> 7847aa14ddaa90212a6688f1d0480642
> bea124354adf974740f950d51b90c5b6
> 148fd5552329e04422255ef3807893e8
> ef14d54f89e9db099445bb3d35b3ba0f
> 5e6d44352d5ca061a81223e2f1f879c2
> 80cbff06a5caf4d1a67ab0afd45b9cdd
> 68685cadbd621601e4fa639c51c9931a
> a79851d6b164c0fba0879910f9eaa712
> efcff62e4cc67c5b25d633b1453a0b1b
> 3dc5a1f1b63a9325348ab7fc4d74afae
> 9c777860ac64a634b030c2fc7651fee4
> fd197ec729312d0641e7e2e45166d237
> 10c38fcf4c5d615fd2d4b4016042bed7
> a455be856532f488584c266c85161932
>
> --
> Best regards,
>
> Arnaud Jacques
> SecuriteInfo.com
>
> Facebook : https://www.facebook.com/pages/SecuriteInfocom/132872523492286
> Twitter : https://twitter.com/SecuriteInfoCom
> _______________________________________________
> Community-sigs mailing list
> Community-sigs at lists.clamav.net
> http://lists.clamav.net/cgi-bin/mailman/listinfo/community-sigs
>
> http://www.clamav.net/contact.html#ml
>
More information about the Community-sigs
mailing list