[Community-sigs] Win.Trojan.Zbot
Christopher McBee (chmcbee)
chmcbee at cisco.com
Wed Aug 3 13:19:48 EDT 2016
Askar,
your submission has been published.
Thanks again,
Christopher
> On Aug 2, 2016, at 1:32 PM, Christopher McBee (chmcbee) <chmcbee at cisco.com> wrote:
>
> Askar,
> thanks very much for your submission. Your signature has been added to FP testing.
>
> Thanks,
> Christopher
>
>> On Aug 1, 2016, at 12:43 PM, Askar Dyussekeyev <dyussekeyev at yandex.kz> wrote:
>>
>> Win.Trojan.Zbot:1:1536:8B35580043008B0D0800430033F189352C0043008B1D440043008B05440043002BD88905580043008B35440043008B1D6845430033F3891D5C0043008B35080043008B0D2C00430023CE8935580043008B3D6000430081EF00000076893D600043008B156000430081C2204008108915580043008B35940043008B056845430023F089057C0043008B1D600043008B356845430033F3891D08004300E94A040000
>>
>> signature looks for specific block at the obfuscated code.
>>
>> detections (120):
>> 043d63e67b4ef4a7174a1103f82b1aba
>> 045b537a4b75acc943ea54f31059ac33
>> 06f3e0df4581c1b39808395159dc7cdb
>> 0c49c83de2bf6a5e64c14e881b2fa6dd
>> 0e1ad52e98ff129a0044c11ce0424e42
>> 116314be15b39d22c7b1b6975ccb050e
>> ................................
>> eef86a6273e4d7f4d1d2d116bf0b1f35
>> f1325cfd3d98f6b65ca8abcbe3e7a4a1
>> f64ab7f576786786055993410d0179fe
>> f95db96314b3a6794b414609e4679159
>> fc61bb3ab362e2247cceee78f178f285
>> ff392b0a919c18e11798d7eb64470345
>> _______________________________________________
>> Community-sigs mailing list
>> Community-sigs at lists.clamav.net
>> http://lists.clamav.net/cgi-bin/mailman/listinfo/community-sigs
>>
>> http://www.clamav.net/contact.html#ml
>
> _______________________________________________
> Community-sigs mailing list
> Community-sigs at lists.clamav.net
> http://lists.clamav.net/cgi-bin/mailman/listinfo/community-sigs
>
> http://www.clamav.net/contact.html#ml
More information about the Community-sigs
mailing list