[Community-sigs] win.downloader javascript
Per-Erik Persson
pegpe at kth.se
Tue Jul 5 05:18:59 EDT 2016
Hello sigmakers
I might need some help with this signature since it seems to simple.
The are loads of ugly javascripts that use this line of code to check that it is 2016 and that the javascript is version 1.2 or earlier.
I get couple of hundred hits per day on the mailservers on this one.
Win.Downloader.11:*:*:696620286e6577204461746528292e6765745965617228293d3d3230313629
An example file can be found here:
https://virustotal.com/sv/file/3e0064837a32e5fda5000752ba79d80c22fd06bb55cc5d3daa306c7c28c563d3/analysis/
More information about the Community-sigs
mailing list