Puush malware attack

#25533 by NoSense
Mon Mar 30, 2015 9:26 am

Hi everybody,
I'm looking for the following malware used in the attack against the puush auto-update systems:
http://www.zdnet.com/article/puush-call ... lware-hit/
https://twitter.com/puushme/status/582296580532801536
https://www.reddit.com/r/runescape/comm ... ware_risk/

Filename: puush.daemon.exe
Known paths: C:\Users\yourusername\AppData\Roaming\puush; C:\Program Files (x86)\puush
Known behaviours: Keylogger
Known C&C location: Russia

MD5: b4e349c935914a62ea1c1ead0bf8271e
SHA1: 752c880c4c47581d97f6f5261146e22d0587b20f

Thank you!

Username

NoSense

Posts

11

Joined

Fri Dec 28, 2012 11:38 am

Re: Puush malware attack

#25534 by EP_X0FF
Mon Mar 30, 2015 9:35 am

MD5 b4e349c935914a62ea1c1ead0bf8271e
SHA1 752c880c4c47581d97f6f5261146e22d0587b20f
SHA256 0908622d6691945e87ff3e5d40fcf6f4e84984dbc9deced74e4e81e7718951a7

Attachments

0908622d6691945e87ff3e5d40fcf6f4e84984dbc9deced74e4e81e7718951a7.rar

pass: infected
(134.42 KiB) Downloaded 57 times

Ring0 - the source of inspiration

Username

EP_X0FF

Rank

Global Moderator

Posts

4947

Joined

Sun Mar 07, 2010 5:35 am

Location

Russian Federation

Contact

Re: Puush malware attack

#25535 by NoSense
Mon Mar 30, 2015 9:37 am

Thank you EP_X0FF!
You can move the thread to Completed Malware Requests since there are no other samples of this malware (as far as I know).

Username

NoSense

Posts

11

Joined

Fri Dec 28, 2012 11:38 am