Generic trojan type backdoor via popular crimeware “Loader”

Ferglo

10 Jul 2012 5:21 PM

Comments 0

Nuestro buen amigo Jorge Mieres nos comparte su artículo:

Generic trojan type backdoor via popular crimeware “Loader”

This is the icon used for this malware.

Technical information & PE file attribute

MD5 : aab21e11953aee66ff16772576ceaec0
SHA1: 576910d3ae484144db32dd835594c605dac90a9d
[['Microsoft Visual C++ 8'], ['VC8 -> Microsoft Corporation']

This malware was created and is spread through crimeware "VertexNet Loader".
PE information & sections:

57.9% (.EXE) Win32 Executable MS Visual C++ (generic) (31206/45/13)
12.2% (.DLL) Win32 Dynamic Link Library (generic) (6581/28/2)
12.0% (.EXE) Win32 Executable Generic (6514/8/2)
10.3% (.EXE) Win64 Executable Generic (5563/38/1)
3.7% (.EXE) Generic Win/DOS Executable (2002/3)

Mutex: VN_MUTEX16