[Community-sigs] Win.Trojan.Zbot
Askar Dyussekeyev
dyussekeyev at yandex.kz
Mon Aug 1 12:43:08 EDT 2016
Win.Trojan.Zbot:1:1536:8B35580043008B0D0800430033F189352C0043008B1D440043008B05440043002BD88905580043008B35440043008B1D6845430033F3891D5C0043008B35080043008B0D2C00430023CE8935580043008B3D6000430081EF00000076893D600043008B156000430081C2204008108915580043008B35940043008B056845430023F089057C0043008B1D600043008B356845430033F3891D08004300E94A040000
signature looks for specific block at the obfuscated code.
detections (120):
043d63e67b4ef4a7174a1103f82b1aba
045b537a4b75acc943ea54f31059ac33
06f3e0df4581c1b39808395159dc7cdb
0c49c83de2bf6a5e64c14e881b2fa6dd
0e1ad52e98ff129a0044c11ce0424e42
116314be15b39d22c7b1b6975ccb050e
................................
eef86a6273e4d7f4d1d2d116bf0b1f35
f1325cfd3d98f6b65ca8abcbe3e7a4a1
f64ab7f576786786055993410d0179fe
f95db96314b3a6794b414609e4679159
fc61bb3ab362e2247cceee78f178f285
ff392b0a919c18e11798d7eb64470345
More information about the Community-sigs
mailing list