Warning! Fake Chrome/FlashPlayer Update

Status
Not open for further replies.

Malware1

Level 76
Thread author
Sep 28, 2011
6,545
[attachment=2516]
[attachment=2517]

Downloaded file contains Zeus trojan (Zbot). Files are repacked every few minutes, so most antiviruses do not detect this malware.

9 scans:
 


MrXidus

Super Moderator (Leave of absence)
Apr 17, 2011
2,503
Could you PM me the website links that are censored out in the images? Thanks.
 

Malware1

Level 76
Thread author
Sep 28, 2011
6,545
Links sent.
EDIT
More links here: http://malwaretips.com/Thread-Trojan-Horse-Zeus-Zbot
 

MrXidus

Super Moderator (Leave of absence)
Apr 17, 2011
2,503
Website and malicious executable both blocked in Chrome thankfully.

Xtpas.png


jscnC.png
 

Jack

Administrator
Verified
Staff Member
Well-known
Jan 24, 2011
9,378
Well, at least the cyber criminals made an effort and tried to make the site as much like the original sites as possible. The copy of the Adobe site is actually very good; nevertheless, the domain should easily raise the suspicions of any decent computer user... And KUDOS to Chrome for blocking these malicious downloads...
 

Jack

Administrator
Verified
Staff Member
Well-known
Jan 24, 2011
9,378
Here is the report from ThreatExpert: http://www.threatexpert.com/report.aspx?md5=39ceca06e0077346ee4ef06201cb7bd6

Conclusions: Capability to steal information such as personal financial data (credit card numbers, online banking login details), user profiles, software registration keys, passwords.
 

MalwareVirus

Level 1
Oct 6, 2012
770
Critical security update available for Adobe Shockwave Player

Security update available for Adobe Shockwave Player

Release date: October 23, 2012

Vulnerability identifier: APSB12-23

Priority rating: 2

CVE numbers: CVE-2012-4172, CVE-2012-4173, CVE-2012-4174, CVE-2012-4175, CVE-2012-4176, CVE-2012-5273

Platform: Windows and Macintosh
This update addresses vulnerabilities that could allow an attacker, who successfully exploits these vulnerabilities, to run malicious code on the affected system. Adobe recommends users of Adobe Shockwave Player 11.6.7.637 and earlier versions update to Adobe Shockwave Player 11.6.8.638 using the instructions provided in the "Solution" section below.

http://www.adobe.com/support/security/bulletins/apsb12-23.html
 