Fareit/Symmi Shit.exe Trojan Password Stealer Malware PCAP file download Traffic Analysis Sample

SHA256: 54c8ce7531f1b01dcda678c41fb14ffc5f223ff0427fc83de939d2286ad200f0
File name: shit.exe
Detection ratio: 39 / 56
Analysis date: 2016-10-31 02:32:28 UTC ( 0 minutes ago )

AVG Crypt6.HNN 20161031
AVware Trojan.Win32.Generic!BT 20161031
Ad-Aware Gen:Variant.Symmi.68665 20161031
AhnLab-V3 Trojan/Win32.Fareit.N2141190184 20161030
Antiy-AVL Trojan[PSW]/Win32.Fareit 20161031
Arcabit Trojan.Symmi.D10C39 20161031
Avast Win32:Malware-gen 20161031
Avira (no cloud) TR/Agent.egpwh 20161030
BitDefender Gen:Variant.Symmi.68665 20161031
CAT-QuickHeal (Suspicious) – DNAScan 20161029
ClamAV Win.Trojan.Generic-3223 20161031
CrowdStrike Falcon (ML) malicious_confidence_82% (W) 20161024
DrWeb Trojan.PWS.Stealer.1932 20161031
ESET-NOD32 a variant of Win32/Kryptik.FIKV 20161030
Emsisoft Gen:Variant.Symmi.68665 (B) 20161031
F-Secure Gen:Variant.Symmi.68665 20161031
Fortinet W32/Fareit.CEIG!tr.pws 20161031
GData Gen:Variant.Symmi.68665 20161031
Ikarus Trojan.Win32.Crypt 20161030
Invincea virtool.win32.obfuscator.xy 20161018

2016-10-30 22:38:24.577664 IP 192.168.1.102.61884 > 85.143.222.24.80: Flags [P.], seq […]

Clickfraud Browser Hijacker fcssq.exe STARTPAGE Malware Trojan PCAP file download sample

SHA256: 5bfb7c23c0000a681f4c5d259754fd45b740128956a8eba0c0f18f68e73c0b8f
File name: fcssq.exe
Detection ratio: 27 / 56
Analysis date: 2016-10-31 02:08:15 UTC ( 0 minutes ago )

AVG Startpage.XMP 20161031
AVware Trojan.Win32.Generic!BT 20161031
AegisLab Troj.Startpage.Gen!c 20161031
Avast Win32:Malware-gen 20161031
Avira (no cloud) TR/StartPage.663918 20161030
Comodo UnclassifiedMalware 20161031
DrWeb Trojan.DownLoader13.14385 20161031
ESET-NOD32 a variant of Win32/StartPage.NQH 20161030
Fortinet W32/StartPage.NQH!tr 20161031
GData Win32.Trojan.Agent.O9KH9R 20161031
Ikarus Trojan.Win32.StartPage 20161030
K7AntiVirus Trojan ( 004b9d361 ) 20161030
K7GW Trojan ( 004b9d361 ) 20161031
Kaspersky not-a-virus:AdWare.Win32.Amonetize.emdm 20161031
McAfee RDN/Generic.bfr 20161031
McAfee-GW-Edition RDN/Generic.bfr 20161031
NANO-Antivirus Trojan.Win32.DownLoader13.dujqej 20161031
Qihoo-360 Win32/Trojan.e26 20161031
Sophos Generic PUA AJ (PUA) 20161030
Tencent Win32.Trojan.Startpage.Eddi 20161031
TrendMicro TROJ_GEN.R02LC0FHN16 20161031

2016-10-30 21:59:34.586083 IP […]

Locky Ransomware Malware aoteatrial.net/02yls0 PCAP file download traffic sample

SHA256: 9081ecf001a89fb1fa6f2855c6385d43fd473d69de0e58ed9b9e7e23ac954aff
File name: 02yls0
Detection ratio: 33 / 56
Analysis date: 2016-10-29 07:47:22 UTC ( 0 minutes ago )

Arcabit Trojan.Agent.CAHB 20161029
Avast Win32:Malware-gen 20161029
Avira (no cloud) TR/Crypt.ZPACK.elnee 20161028
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9942 20161029
BitDefender Trojan.Agent.CAHB 20161029
Bkav HW32.Packed.AE7D 20161029
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20161024
Cyren W32/Locky.BC.gen!Eldorado 20161029
ESET-NOD32 a variant of Win32/Kryptik.FIQB 20161029
Emsisoft Trojan.Agent.CAHB (B) 20161029
F-Prot W32/Locky.BC.gen!Eldorado 20161029
F-Secure Trojan.Agent.CAHB 20161029
Fortinet W32/Generic.FIQB!tr 20161029
GData Trojan.Agent.CAHB 20161029
Invincea ransom.win32.locky.a 20161018
K7AntiVirus Trojan ( 004fbad41 ) 20161029
K7GW Trojan ( 004fbad41 ) 20161029
Kaspersky HEUR:Trojan.Win32.Generic 20161029
Malwarebytes Ransom.Locky 20161029

2016-10-29 02:50:44.243416 IP 192.168.1.102.64953 > 213.176.241.230.80: Flags [P.], […]

Western Union Statement Malspam Adwind Malware Trojan PCAP file download traffic sample

SHA256: 51d0f63e2d215ab1e4240468b8a518412472dc90ed24fffb8e5cf1e7aa75ede2
File name: Western_Union_Agent_Statement_and_summary_pdf.jar
Detection ratio: 19 / 55
Analysis date: 2016-10-29 07:42:32 UTC ( 0 minutes ago )

ALYac Trojan.Java.Adwind 20161029
AVware Trojan.Java.Generic.a (v) 20161029
AegisLab Troj.Java.Agent!c 20161029
AhnLab-V3 HEUR/Jarex 20161028
Avast Java:Adwind-G [Trj] 20161029
ClamAV Java.Malware.Agent-1803486 20161029
DrWeb Java.Adwind.179 20161029
ESET-NOD32 a variant of Java/Adwind.AAJ 20161029
GData Java.Trojan.Agent.PLRUTU 20161029
Ikarus Trojan.Java.Adwind 20161028
Kaspersky HEUR:Trojan.Java.Agent.gen 20161029
McAfee Adwind!jar 20161029
McAfee-GW-Edition Artemis!Trojan 20161029
Sophos Java/Adwind-IV 20161029
Symantec Trojan.Maljava 20161029
TrendMicro JAVA_ADWIND.JCC 20161029
TrendMicro-HouseCall JAVA_ADWIND.JCC 20161029
VIPRE Trojan.Java.Generic.a (v) 20161029
ViRobot JAVA.S.Adwind.232864[h]

What is Adwind? Adwind RAT, a cross-platform, multifunctional malware program also known as AlienSpy, Frutas, Unrecom, Sockrat, JSocket […]

css.jipinfeiche.cn Alman Trojan Malware PCAP file download traffic sample installad_304.dat c2

SHA256: a3b7e3fd4c709cc40be1b7114b109bc16228374f31f692311348abf2ea4d09b8
File name: fcjingdianyouxihejizhongwenban.exe
Detection ratio: 31 / 48
Analysis date: 2016-10-29 07:26:36 UTC ( 1 minute ago )

ESET-NOD32 Win32/Alman.NAB 20161029
Emsisoft Worm.Generic.532532 (B) 20161029
F-Secure Worm.Generic.532532 20161029
GData Worm.Generic.532532 20161029
Ikarus Virus.Win32.Alman 20161028
Invincea virus.win32.ramnit.a 20161018
Jiangmin Win32/Almana.c 20161029
Kaspersky Virus.Win32.Alman.b 20161029
Malwarebytes Trojan.ChinAd 20161029
McAfee-GW-Edition Artemis 20161029
eScan Worm.Generic.532532 20161029
NANO-Antivirus Virus.Win32.Alman.xyevp 20161029
Panda Generic Suspicious 20161028
Qihoo-360 Win32/Trojan.323 20161029
Sophos Mal/Generic-S 20161029
Symantec Heur.AdvML.B 20161029
Tencent Win32.Virus.Alman.Ahem 20161029
TheHacker Trojan/.Agent.bt 20161028
VBA32 Virus.Win32.Alman.B 20161028
Zoner Win32.Alman.NAB 20161029

2016-10-29 01:50:41.235203 IP 192.168.1.102.64692 > 218.77.77.34.80: Flags [P.], seq 0:316, ack 1, win 256, length 316: HTTP: GET […]