Warning! Fake Chrome/FlashPlayer Update

Status
Not open for further replies.

Malware1

Level 76
Thread author
Sep 28, 2011
[attachment=2516]
[attachment=2517]

Downloaded file contains Zeus trojan (Zbot). Files are repacked every few minutes, so most antiviruses do not detect this malware.

9 scans:
 

Well, at least the cyber criminals made an effort and tried to make the site as much like the original sites as possible. The copy of the Adobe site is actually very good; nevertheless, the domain should easily raise the suspicions of any decent computer user... And KUDOS to Chrome for blocking these malicious downloads...
 
Here is the report from ThreatExpert: http://www.threatexpert.com/report.aspx?md5=39ceca06e0077346ee4ef06201cb7bd6

Conclusions: Capability to steal information such as personal financial data (credit card numbers, online banking login details), user profiles, software registration keys, passwords.
 
Critical security update available for Adobe Shockwave Player

Security update available for Adobe Shockwave Player

Release date: October 23, 2012

Vulnerability identifier: APSB12-23

Priority rating: 2

CVE numbers: CVE-2012-4172, CVE-2012-4173, CVE-2012-4174, CVE-2012-4175, CVE-2012-4176, CVE-2012-5273

Platform: Windows and Macintosh
This update addresses vulnerabilities that could allow an attacker, who successfully exploits these vulnerabilities, to run malicious code on the affected system. Adobe recommends users of Adobe Shockwave Player 11.6.7.637 and earlier versions update to Adobe Shockwave Player 11.6.8.638 using the instructions provided in the "Solution" section below.

http://www.adobe.com/support/security/bulletins/apsb12-23.html
 