Author Topic: PC Antispyware 2010's Scheming Password Protection  (Read 2681 times)

0 Members and 1 Guest are viewing this topic.

September 09, 2009, 02:27:05 pm
Read 2681 times

SysAdMini

  • Administrator
  • Hero Member

  • Offline
  • *****

  • 3335
Quote
Lately, notable trojan downloaders related to rogue security software like PC AntiSpyware 2010 were found using password protected RAR format to sneak in more malicious files without anyone noticing.

http://community.ca.com/blogs/securityadvisor/archive/2009/09/08/pc-antispyware-2010-s-scheming-password-protection.aspx?MalwareScene
Ruining the bad guy's day

September 09, 2009, 04:05:39 pm
Reply #1

Dobby

  • Special Access
  • Newbie

  • Offline
  • *

  • 3
Which I believe answers this: topic=3289.msg11717

Quote
The following part is found in the malware’s decoded reference file.

[MISCELLANEOUS]
RAR_PASSWORD=abcd012345efgh
DWN_USERNAME=XXXXX
DWN_PASSWORD=XXXXX
IE_BLOCK_CONTENT=1
IE_OUR_WINDOW_ONLY=0

September 09, 2009, 05:04:50 pm
Reply #2

cleanmx

  • Special Members
  • Hero Member

  • Offline
  • *

  • 3405
    • Spam-Filter Anti-Spam Virenschutz - CLEAN MX Managed Anti-Spam Service ist die Lösung für Ihr Spam-Problem
BINGO!!!!!!!

"abcd012345efgh" is the password

gratulation !

-- gerhard