[Community-sigs] Win.Downloader
Matthew Molyett
mmolyett at sourcefire.com
Sat Jul 2 10:43:04 EDT 2016
Thank you. This has been submitted for FP testing.
On Sat, Jul 2, 2016 at 5:10 AM, Arnaud Jacques / SecuriteInfo.com <
webmaster at securiteinfo.com> wrote:
> Hello sigmakers,
>
>
> Win.Downloader:1:*: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
>
> Number of samples detected by the signature in my collection : 14314 (from
> May 2016 to June 2016 : still active)
>
> A sample has been submitted to http://www.clamav.net/reports/malware
>
> MD5 of submitted sample is : f55af926bc009ea260eb29405193026a
>
> VirusTotal report :
>
> https://virustotal.com/fr/file/288e161ff27533afb3cb1c2743ffe7c0d04bfed4559a42d63429d508bc6510db/analysis/1467450411/
>
> I hope you will publish this fast. Thank you.
>
> --
> Best regards,
>
> Arnaud Jacques
> SecuriteInfo.com
>
> Facebook : https://www.facebook.com/pages/SecuriteInfocom/132872523492286
> Twitter : @SecuriteInfoCom
> _______________________________________________
> Community-sigs mailing list
> Community-sigs at lists.clamav.net
> http://lists.clamav.net/cgi-bin/mailman/listinfo/community-sigs
>
> http://www.clamav.net/contact.html#ml
>
--
Matthew Molyett
Cisco Talos Researcher