KernelMode.info

A forum for reverse engineering, OS internals and malware analysis
https://www.kernelmode.info/forum/

Rogue Antimalware (FakeAV, 2012 year)

https://www.kernelmode.info/forum/viewtopic.php?f=16&t=2414

Page 25 of 46

Re: Rogue antimalware (FakeAV, FakeAlert)

PostPosted:Fri Jun 22, 2012 8:54 am
by Win32:Virut
Windows Advanced Toolkit

MD5: A8852241FC353DD8D654F4EADBF91A77

https://www.virustotal.com/file/8caf439 ... /analysis/

Re: Rogue antimalware (FakeAV, FakeAlert)

PostPosted:Fri Jun 22, 2012 9:54 am
by Xylitol
dumb110 wrote:
gied wrote:http://www.kernelmode.info/forum/viewto ... rus#p10875 Should be Win 7 Antivirus 2012 on Windows 7 machine.
i dont think so..anybody else has a sample??
like he says it should be Win 7 antivirus on W7, this malware is looking for the OS version (XP, Vista, Seven) and changes its name and skin.

Re: Rogue antimalware (FakeAV, FakeAlert)

PostPosted:Fri Jun 22, 2012 4:56 pm
by hx1997
Live Security Platinum (Winwebsec)

https://www.virustotal.com/file/4f83275 ... /analysis/

MD5: F2FE1646D7CC699B2A7F93AC26A2AEE5

Re: Rogue antimalware (FakeAV, FakeAlert)

PostPosted:Sat Jun 23, 2012 9:34 am
by Win32:Virut
21x Live Security Platinum
The file is too big, maximum allowed size is 5 MiB.
http://www12.zippyshare.com/v/64389031/file.html

Password: infected

Re: Rogue antimalware (FakeAV, FakeAlert)

PostPosted:Sat Jun 23, 2012 9:41 am
by Win32:Virut
Windows Control Series (FakeVimes)

MD5: 80cf516fd3763964c13fd85bf252c2df

https://www.virustotal.com/file/8e85e6a ... /analysis/

Re: Rogue antimalware (FakeAV, FakeAlert)

PostPosted:Sat Jun 23, 2012 1:23 pm
by Aleksandra
Security Shield

_http://herbal2pharmacy.com/1.exe

MD5: cee536bee50416a2604d692b79107c43
SHA1: 2ac4e0118831552e5fa9c74941fb654cd0519a0e
https://www.virustotal.com/file/0a91de8 ... /analysis/

Re: Rogue antimalware (FakeAV, FakeAlert)

PostPosted:Sat Jun 23, 2012 5:19 pm
by Win32:Virut
Live Security Platinum (Winwebsec)

MD5: 4c11d56f3b792fdff90322aa3e9ef528

https://www.virustotal.com/file/4c11d56 ... /analysis/
(335.98 KiB) Downloaded 45 times

MD5: 694365dfdbc7cff4f5632df480f2de87

https://www.virustotal.com/file/694365d ... /analysis/
(332.37 KiB) Downloaded 43 times

Re: Rogue antimalware (FakeAV, FakeAlert)

PostPosted:Sun Jun 24, 2012 8:22 am
by Aleksandra
Windows Control Series

_http://vulnerabilitydefenderutility.in/9114a139c5ef0ada/setup.exe

MD5: 9f350e11dffec6f71459d354fe9181a4
SHA1: c3cc8f40534e86eb0034b77e13e1e8d5ea49eb02
https://www.virustotal.com/file/ecf5437 ... /analysis/

Re: Rogue antimalware (FakeAV, FakeAlert)

PostPosted:Sun Jun 24, 2012 8:47 am
by Waves97
Screenshots Windows Control Series:
http://i.imgur.com/0TmhP.jpg
http://i.imgur.com/COtEr.jpg
http://i.imgur.com/7Q1Kn.jpg
http://i.imgur.com/4QCrL.jpg
http://i.imgur.com/zVj0i.jpg

Re: Rogue antimalware (FakeAV, FakeAlert)

PostPosted:Sun Jun 24, 2012 3:28 pm
by Win32:Virut
Windows Pro Defence (FakeVimes)
All times are UTC
Page 25 of 46
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/