Database update. Another Antivirus malware. File is available in our repository under /stingner-malware/.
BE ADVISED: These sites may still be live. Proceed at your own risk.
Site: hxxp://online-av-scan2008.com/?id=1011
File: antivirus.v.1.0.1011.exe
VirusTotal: 6/36 (16.67%)
Malware link:
hxxp://antivirusdownload.s0ftvvarep0rtal.com/antivirus.v.1.0.1011.exe

Note: This site is distributing a rogue ("fake") anti-malware product. Do not visit, pay, or download the software discussed below.

Site:
* hxxp://viruslabs2009.com/
File: virlab_install.exe
VirusTotal: 9/36 (25%)
File size: 1579973 bytes
MD5…: 93fef280425ad6fb002430abb8cf216d
SHA1..: 766a414faa1e062c0ce40f1ede93a3d166902b6c
SHA256: 4346309f29aacf14cd0fc764ccac674572a498b7f80e1a4018265008cbf1ba4c
SHA512: 371d231b30c32756be1dbd5b50e26144d506abe895a6893fdcea866b8353e3108548ded05366e25c2d968dffa506880e8729b7b8a6b4f4e06c3814d903eba37e
PEiD..: -
TrID..: File type identification
Win64 Executable Generic (59.6%)
Win32 Executable MS Visual C++ (generic) (26.2%)
Win32 Executable Generic (5.9%)
Win32 Dynamic Link Library (generic) (5.2%)
Generic Win/DOS Executable (1.3%)
MDB: /stingner-malware/
Removal:

I noticed a few Advanced Antivirus URLs started to appear this morning. I chuckle a little bit every time I see Advanced Antivirus pop up, mainly because I own AdvancedAntivirus.com (I bought it before the rogue software was created for an oddball project). Finally beat the suckers to the punch! We'll set the laughs aside for a bit and get to the details.

File: AAVSetup.exe
MD5: 236B5229DE10D5C0ECF2743A981B646C
VirusTotal: 14/36 (38.89%)
MDB: /lithium-malware/AAVSetup.zip
Sites Distributing: