Email-Worm.Win32.Iksmas. (來自垃圾邮件) 最后更新:486超过150个样本)

ledled

All to VB

leonfg

eset全
C:\Documents and Settings\GUNDAM\桌面\07\couponlist.exe_ - a variant of Win32/Waledac.HC trojan - cleaned by deleting - quarantined
C:\Documents and Settings\GUNDAM\桌面\07\coupons.exe_ - a variant of Win32/Waledac.GQ trojan - cleaned by deleting - quarantined
C:\Documents and Settings\GUNDAM\桌面\07\coupons.exe__ - a variant of Win32/Waledac.HC trojan - cleaned by deleting - quarantined
C:\Documents and Settings\GUNDAM\桌面\07\list.exe_ - a variant of Win32/Waledac.HB trojan - cleaned by deleting - quarantined
C:\Documents and Settings\GUNDAM\桌面\07\salelist.exe1 - a variant of Win32/Waledac.HB trojan - cleaned by deleting - quarantined
C:\Documents and Settings\GUNDAM\桌面\07\save.exe_ - a variant of Win32/Waledac.HB trojan - cleaned by deleting - quarantined
C:\Documents and Settings\GUNDAM\桌面\07\stopcrisis.exe2 - a variant of Win32/Waledac.HB trojan - cleaned by deleting - quarantined

Palkia

to rs

sam.to

4e221fb2df9d726e116c0bbb7bce4b75  couponslist.exe6
ac0df9dfeb5a65153565e5c7080afbe2  sales.exe5
dc18182d13ad641453838ee2783f6a68  couponslist.exe1
031c9d2dbb29e505b1e277acabf6e573  couponslist.exe2
d666429df1df3a45a1a1b34f33835732  run.exe3
6474692301a42eb1249344b3d961a3b2  sales.exe4
0d7d49cc2a2e81aca765735a4f08977d  sale.exe
ffd6997006a66ca96d177e0c746a635b  sales.exe

to kl

Hello,

couponslist.exe1, couponslist.exe6, run.exe3, sale.exe7, sales.exe5, sales.exe8 - Email-Worm.Win32.Iksmas.gen

These files are already detected. Please update your antivirus bases.

couponslist.exe2, sales.exe4 - Packed.Win32.Krap.i

New malicious software was found in these files. Detection will be included in the next update. Thank you for your help.

Please quote all when answering.

[ 本帖最后由 sam.to 于 2009-3-6 22:21 编辑 ]

leonfg

原帖由 sam.to 于 2009-3-3 23:03 发表
4e221fb2df9d726e116c0bbb7bce4b75  couponslist.exe6
ac0df9dfeb5a65153565e5c7080afbe2  sales.exe5
dc18182d13ad641453838ee2783f6a68  couponslist.exe1
031c9d2dbb29e505b1e277acabf6e573  couponslist.exe2 ...

eset 6
C:\Documents and Settings\GUNDAM\桌面\08\couponslist.exe1 - a variant of Win32/Waledac.HB trojan - cleaned by deleting - quarantined
C:\Documents and Settings\GUNDAM\桌面\08\couponslist.exe2 - a variant of Win32/Waledac.HC trojan - cleaned by deleting - quarantined
C:\Documents and Settings\GUNDAM\桌面\08\couponslist.exe6 - a variant of Win32/Waledac.HB trojan - cleaned by deleting - quarantined
C:\Documents and Settings\GUNDAM\桌面\08\run.exe3 - a variant of Win32/Waledac.HB trojan - cleaned by deleting - quarantined
C:\Documents and Settings\GUNDAM\桌面\08\sale.exe7 - a variant of Win32/Waledac.HB trojan - cleaned by deleting - quarantined
C:\Documents and Settings\GUNDAM\桌面\08\sales.exe4 - a variant of Win32/Waledac.HC trojan - cleaned by deleting - quarantined

ledled

to VB

sam.to

246742e5227e7add7f89034e89d57f51   coupons.exe1
7b2a61cba68c8f0cdb383549bfb91345   run.exe2
to kl


Hello,

coupons.exe1 - Packed.Win32.Krap.i

New malicious software was found in this file. It's detection will be included in the next update. Thank you for your help.

run.exe2 - Email-Worm.Win32.Iksmas.gen

This file is already detected. Please update your antivirus bases.

Please quote all when answering.

--
Sincerely yours,
Vyacheslav Zakorzhevsky,
Senior Malware Analyst,
Heuristic detection group

10/1, 1st Volokolamsky Proezd, Moscow, 123060, Russia
Tel./Fax: + 7 (495) 797 8700
http://www.kaspersky.com http://www.viruslist.com

[ 本帖最后由 sam.to 于 2009-3-6 22:25 编辑 ]

ledled

这次没有MD5重复吧

to VB

leonfg

C:\Documents and Settings\GUNDAM\桌面\2.rar » RAR » run.exe2 - a variant of Win32/Waledac.HB trojan
C:\Documents and Settings\GUNDAM\桌面\2.rar » RAR » coupons.exe1 - a variant of Win32/Waledac.HC trojan

kingmuro

过咖啡8.7i