
ms1.exe and data.exe



--- Quote ---hxxp://
--- End quote ---

MD5 Hash - E50EE7BB625302DAACA03ECFE07930A7

FSG 2 used on this one, multiple naming conventions from AV companies,
but the most common among them was "Delf.crp" or so...

--- Quote ---hxxp://
--- End quote ---

MD5 Hash - 7245CE2FB66DC572B8AD2B2AA0695554

PEiD doesn't detect the packer used internally (yet).
EP Section name is ".bedrock" though, and it certainly isn't some sign-faker:
I can assure you this is Bambam speaking here...

VirusTotal's engine reports too many different names to be listed here.
It also (incorrectly) flags the packer as "NPack".

Thanks, these will be in the list soon.

