Author Topic: One more Trojan.Banker  (Read 3061 times)

0 Members and 1 Guest are viewing this topic.

January 18, 2011, 08:33:29 pm
Read 3061 times

rawdata

  • Jr. Member

  • Offline
  • **

  • 14
Sorry for the edit...

Code: [Select]
http://356143t05.sytes.net/
Which redirects to dropbox at
Code: [Select]
https://dl.dropbox.com/u/18844456/Orc0900527.jpg.exe?Albun.jpg
this has been identified as PWS-Banker!gpm

After instalation it also contacts

Code: [Select]
http://www.fileden.com/files/2010/12/1/3028683/modulo1.zip
http://premium.fileden.com/premium/2010/12/1/3028683/modulo1.zip
http://www.fileden.com/files/2010/12/1/3028683/modulo2.zip
http://premium.fileden.com/premium/2010/12/1/3028683/modulo2.zip
http://Pavilioneventos.net/jdados
and
Code: [Select]
http://brutus2011.t35.com