Original poster: sam.to

[Virus samples] Evades mainstream AV 2 (updated daily) (this thread is finished; floor 1024 has the new thread's address)

jayavira
Posted on 2010-8-28 07:07:15
Reply to sam.to's post at floor 49
ess: cleared all
ssama
Posted on 2010-8-28 11:25:49
765735-49 avast! Kill all-Win32:Malware-gen
sam.to
Original poster | Posted on 2010-8-28 15:18:47
Last edited by sam.to on 2010.8.30 21:09



to kl,ll,mcafee,comodo,avira




A listing of files contained inside archives alongside their results can be found below:
File ID | Filename | Size (Byte) | Result
25866128 | CPAC.Imaging.Pro...63.exe_ | 121.5 KB | UNDER ANALYSIS
25866129 | CPAC.Imaging.Pro...63.exe_ | 121.5 KB | UNDER ANALYSIS
25866130 | HTTP..Kaspersky....63.exe_ | 121.5 KB | UNDER ANALYSIS
25866131 | HTTP..Kaspersky....63.exe_ | 121.5 KB | UNDER ANALYSIS
25866132 | HWiNFO32.3.58.Cr...63.exe_ | 121.5 KB | UNDER ANALYSIS
25866133 | HWiNFO32.3.58.Ke...63.exe_ | 121.5 KB | UNDER ANALYSIS
25866134 | PowerArchiver.20...63.exe_ | 121.5 KB | UNDER ANALYSIS
25866135 | PowerArchiver.20...63.exe_ | 121.5 KB | UNDER ANALYSIS
25866136 | Trend.Micro.Inte...63.exe_ | 121.5 KB | UNDER ANALYSIS
25866137 | Trend.Micro.Inte...63.exe_ | 121.5 KB | UNDER ANALYSIS
25866138 | VMware.Infrastru...63.exe_ | 121.5 KB | UNDER ANALYSIS
25866139 | VMware.Infrastru...63.exe_ | 121.5 KB | UNDER ANALYSIS





Trojan-Downloader.Win32.CodecPack.mkr

New malicious software was found in these files. Detection will be included in the next update. Thank you for your help.

Please quote all when answering.
The answer is relevant to the latest bases from update sources.

Regards, Kuskov Vladimir
Virus Analyst






Please find a detailed report concerning each individual sample below:
Filename: CPAC.Imaging.Pro...63.exe_
Result: MALWARE

The file 'CPAC.Imaging.Pro.3.0.Crack.40063.exe_' has been determined to be 'MALWARE'.
Our analysts named the threat TR/FraudPack.hub.25. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system.

Filename: CPAC.Imaging.Pro...63.exe_
Result: MALWARE

The file 'CPAC.Imaging.Pro.3.0.Keygen.40063.exe_' has been determined to be 'MALWARE'.
Our analysts named the threat TR/FraudPack.hub.25. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system.

Filename: HTTP..Kaspersky....63.exe_
Result: MALWARE

The file 'HTTP..Kaspersky.Internet.Security.2010.9.0.0.980.Crack.40063.exe_' has been determined to be 'MALWARE'.
Our analysts named the threat TR/FraudPack.hub.25. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system.

Filename: HTTP..Kaspersky....63.exe_
Result: MALWARE

The file 'HTTP..Kaspersky.Internet.Security.2010.9.0.0.980.Keygen.40063.exe_' has been determined to be 'MALWARE'.
Our analysts named the threat TR/FraudPack.hub.25. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system.

Filename: HWiNFO32.3.58.Cr...63.exe_
Result: MALWARE

The file 'HWiNFO32.3.58.Crack.40063.exe_' has been determined to be 'MALWARE'.
Our analysts named the threat TR/FraudPack.hub.25. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system.

Filename: HWiNFO32.3.58.Ke...63.exe_
Result: MALWARE

The file 'HWiNFO32.3.58.Keygen.40063.exe_' has been determined to be 'MALWARE'.
Our analysts named the threat TR/FraudPack.hub.25. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system.

Filename: PowerArchiver.20...63.exe_
Result: MALWARE

The file 'PowerArchiver.2010.11.64.01.Crack.40063.exe_' has been determined to be 'MALWARE'.
Our analysts named the threat TR/FraudPack.hub.25. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system.

Filename: PowerArchiver.20...63.exe_
Result: MALWARE

The file 'PowerArchiver.2010.11.64.01.Keygen.40063.exe_' has been determined to be 'MALWARE'.
Our analysts named the threat TR/FraudPack.hub.25. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system.

Filename: Trend.Micro.Inte...63.exe_
Result: MALWARE

The file 'Trend.Micro.Internet.Security.Pro.2010.Crack.40063.exe_' has been determined to be 'MALWARE'.
Our analysts named the threat TR/FraudPack.hub.25. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system.

Filename: Trend.Micro.Inte...63.exe_
Result: MALWARE

The file 'Trend.Micro.Internet.Security.Pro.2010.Keygen.40063.exe_' has been determined to be 'MALWARE'.
Our analysts named the threat TR/FraudPack.hub.25. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system.

Filename: VMware.Infrastru...63.exe_
Result: MALWARE

The file 'VMware.Infrastructure.3.ESX.3.5.Crack.40063.exe_' has been determined to be 'MALWARE'.
Our analysts named the threat TR/FraudPack.hub.25. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system.

Filename: VMware.Infrastru...63.exe_
Result: MALWARE

The file 'VMware.Infrastructure.3.ESX.3.5.Keygen.40063.exe_' has been determined to be 'MALWARE'.
Our analysts named the threat TR/FraudPack.hub.25. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system.

jayavira
Posted on 2010-8-28 15:24:33
ssama
Posted on 2010-8-28 15:25:55
765735-53 to avast!(email)
ablhr
Posted on 2010-8-28 19:08:45
53
mp: cleared all

sam.to
Original poster | Posted on 2010-8-29 14:43:55
Last edited by sam.to on 2010.8.30 16:03



to kl,ll,mcafee,comodo,avira


A listing of files contained inside archives alongside their results can be found below:
File ID | Filename | Size (Byte) | Result
25867044 | Face.Off.Max.3.1...63.exe_ | 127.5 KB | UNDER ANALYSIS
25867045 | Face.Off.Max.3.1...63.exe_ | 127.5 KB | UNDER ANALYSIS
25867046 | Geopainting.GPSM...63.exe_ | 127.5 KB | UNDER ANALYSIS
25867047 | Geopainting.GPSM...63.exe_ | 127.5 KB | UNDER ANALYSIS
25867048 | ID3.Renamer.4.0....63.exe_ | 127.5 KB | UNDER ANALYSIS
25867049 | ID3.Renamer.4.0....63.exe_ | 127.5 KB | UNDER ANALYSIS
25867050 | Nero.9.4.13.2.Cr...63.exe_ | 127.5 KB | UNDER ANALYSIS
25867051 | Nero.9.4.13.2.Ke...63.exe_ | 127.5 KB | UNDER ANALYSIS
25867052 | RAR.Password.Rec...63.exe_ | 127.5 KB | UNDER ANALYSIS
25867053 | RAR.Password.Rec...63.exe_ | 127.5 KB | UNDER ANALYSIS
25867054 | Real.VNC.Enterpr...63.exe_ | 127.5 KB | UNDER ANALYSIS
25867055 | Real.VNC.Enterpr...63.exe_ | 127.5 KB | UNDER ANALYSIS







Please find a detailed report concerning each individual sample below:
Filename: Face.Off.Max.3.1...63.exe_
Result: MALWARE

The file 'Face.Off.Max.3.1.0.2.Crack.40063.exe_' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Dldr.CodecPack.mko.8. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.10.11.45.

Filename: Face.Off.Max.3.1...63.exe_
Result: MALWARE

The file 'Face.Off.Max.3.1.0.2.Keygen.40063.exe_' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Dldr.CodecPack.mko.9. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.10.11.45.

Filename: Geopainting.GPSM...63.exe_
Result: MALWARE

The file 'Geopainting.GPSMapEdit.1.0.64.1.Crack.40063.exe_' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Dldr.CodecPack.mko.10. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.10.11.45.

Filename: Geopainting.GPSM...63.exe_
Result: MALWARE

The file 'Geopainting.GPSMapEdit.1.0.64.1.Keygen.40063.exe_' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Dldr.CodecPack.mko.11. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.10.11.45.

Filename: ID3.Renamer.4.0....63.exe_
Result: MALWARE

The file 'ID3.Renamer.4.0.6.Crack.40063.exe_' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Dldr.CodecPack.mko.12. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.10.11.45.

Filename: ID3.Renamer.4.0....63.exe_
Result: MALWARE

The file 'ID3.Renamer.4.0.6.Keygen.40063.exe_' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Dldr.CodecPack.mko.13. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.10.11.45.

Filename: Nero.9.4.13.2.Cr...63.exe_
Result: MALWARE

The file 'Nero.9.4.13.2.Crack.40063.exe_' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Dldr.CodecPack.mko.14. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.10.11.45.

Filename: Nero.9.4.13.2.Ke...63.exe_
Result: MALWARE

The file 'Nero.9.4.13.2.Keygen.40063.exe_' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Dldr.CodecPack.mko.15. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.10.11.45.

Filename: RAR.Password.Rec...63.exe_
Result: MALWARE

The file 'RAR.Password.Recovery.Magic.6.1.287.Crack.40063.exe_' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Dldr.CodecPack.mko.16. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.10.11.45.

Filename: RAR.Password.Rec...63.exe_
Result: MALWARE

The file 'RAR.Password.Recovery.Magic.6.1.287.Keygen.40063.exe_' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Dldr.CodecPack.mko.17. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.10.11.45.

Filename: Real.VNC.Enterpr...63.exe_
Result: MALWARE

The file 'Real.VNC.Enterprise.4.5.Crack.40063.exe_' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Dldr.CodecPack.mko.18. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.10.11.45.

Filename: Real.VNC.Enterpr...63.exe_
Result: MALWARE

The file 'Real.VNC.Enterprise.4.5.Keygen.40063.exe_' has been determined to be 'MALWARE'.
Our analysts named the threat TR/Dldr.CodecPack.mko.19. The term "TR/" denotes a trojan horse that is able to spy out data, to violate your privacy or carry out unwanted modifications to the system. Detection is added to our virus definition file (VDF) starting with version 7.10.11.45.

luxiao200888
Posted on 2010-8-30 13:02:31
Norton
suspicious.cloud.3×12
sololp (this user has been deleted)
Posted on 2010-8-30 13:03:47
Reply to luxiao200888's post at floor 59

Is this only reported when scanning?