[Community-sigs] Win.Trojan.Agent
Xabier Ugarte-Pedrero
xpedrero at sourcefire.com
Wed Aug 17 08:59:47 EDT 2016
Hello Askar,
Thank you very much for your submission. Your signature has been
submitted for FP test and will be published soon.
Regards,
-- Xabier
On Tue, Aug 16, 2016 at 1:12 PM, Askar Dyussekeyev
<dyussekeyev at yandex.kz> wrote:
> Win.Trojan.Agent:1:8224:8B44240453555633ED85C0577505B8????????8B7C241883FF017D05BF010000008B4C241C8A1133F68BD8EB038D49008A083ACA740484C9750E83C6013BF7740C84C9740C8D580183C001EBE38BE82BEB50E8????????8B7424208BF885FF741156E8????????555350E8????????83C40C5655E8????????85FF8BF0750B555356E8????????83C40C5FC6042E005E5D5BC21000
>
> signature looks for specific block of code
>
> detections (61):
> 039d21972241c29415d503fc2fba2866
> 04ca2c6806dba43013fd0b9d74a42c90
> 066c6dbe53816929ec272e91803f3a1b
> 0af465b9b82b60a0f1e8bde359d63e59
> 0e29b980dc9373ef8ab1c14707dc414c
> 1481e9e81a8dbaee2580711948e5c7ba
> 15b7ebfda0e1a58a68df8d56879a3b4d
> 15c9424fcd063b234041033d5f19ff4c
> 163307a5f209b9f1697d371b6ca1671b
> 17d8955df45096e2bb60bc0c12c12975
> 18ff3e27e193c995a51ecf1959fab1ee
> 1e326fabe80681736d0f615a8f20fc2c
> 2905d640ae0821c1d776b26c57480c5a
> 2a3dc87a792c5a97bde6ebd1308dec91
> 2a6a30690528faaafd66b2d1f103b2fc
> 308672a0208032f5f1d3d0e3494aac9c
> 3fa908fed67dfb98302cd46d82fba115
> 4576d3fb06b399b3da9c0ef9c4912971
> 474c576326036d7a4ba9c32c52fa43db
> 48c1591d79d27aa78e8b46d38ff94163
> 4a6a11f9f0efa8e00a221426d5261277
> 54db18437e5efe0ad5046be2aa7e1e0c
> 5c64f57902fdcb1bedc99ecb8a9480ae
> 683a87ee9e92d2a4d9d3cfd5e50066eb
> 68e58854af18fd671f90a7b9d035d686
> 6af66e3eb4f3b31959a82232358d92fc
> 6d7aacce7200259731e5c9822ed8182a
> 70a128d3c12ffc50b71d40301435aa57
> 759baa0037cfcc087b991c1c47284064
> 7de88d6b6cac026719676579c42a2e9a
> 7fa5009cce7f333f1b40043f8d9aafd5
> 82e37ddf4ef2750ab7ab66ebc550cbbf
> 82e63efac9f3607b4740ad407352e0ed
> 85c60d1503d5d088da455759d50d2cff
> 898bc051a02a1bf96123159eb3da4109
> 8b6a689d17692da6dfdfa59851f37e0e
> 8ec3ecff8f87488e614ba6833751392c
> 955010ba058c98f182390916e0ad6fe8
> 9836ecdecd9496760d5b898576dec282
> 9988e945212eb46161e3f8e2825841cb
> 9ee5af689f643179f8265ed660f764b8
> 9f75859f49220af261b6c5d0df05fe99
> a18b29f87b57f087d270827df0e43b06
> a4367e938c22257ac1a3bd6ac6a455b6
> a4cbec2d1694635dc03427d014032a32
> a61aaef173b43cb5da3478ffd9c5c109
> aa7f069ec8259567f79d820e73530872
> b09d2e6667261b990cb70de2ee4f29ab
> bcf8e2de733317093ea171a8afb97e85
> bf0cd1cd65cad21a41b483367fe138cb
> c0ba49f7adb8c0b3f8873910f1da3317
> c68aaeeae1d0fa6fc437ec6d138b2d9e
> ce876a021a68abd45f2b17c9f4dcbfab
> cec2ffa8321395bc9c31a47514d19679
> d22783e57bb9a2dfb0811e9e7c4c9c66
> d44f0d0a79ae1787d1b334a85d835421
> d6f2be8823030244f7d711304a3cf948
> ebb2a8a4a2904d38c44d64a0a294f590
> f9623c966dd142e660c78a978c067c4d
> f97847dd5207f0e2960ecc811e569ae1
> fdf6527dba695d3a487befb7888bf8cb
> _______________________________________________
> Community-sigs mailing list
> Community-sigs at lists.clamav.net
> http://lists.clamav.net/cgi-bin/mailman/listinfo/community-sigs
>
> http://www.clamav.net/contact.html#ml
More information about the Community-sigs
mailing list