Dumaru resurrected?
Today the Doctor's database has an entry about an "old" acquaintance - BackDoor.Dumaru.20 - looks like a "reincarnation".
Description of the infection -
Alias: W32/Dumaru
Threat type: Surveillance - A key logger program runs in the background, recording all the keystrokes made by a user. Once keystrokes are logged, they are hidden in the machine for later retrieval, or shipped secretly raw to the attacker via email or over the Internet.
Advice: Remove. This is a very high risk threat and should be removed immediately so as to prevent harm to your computer or your privacy.
Threat risk: Severe Risk
Severe threats typically are remotely exploitable vulnerabilities, which can lead to system compromise. Successful exploitation does not normally require any interaction and exploits are in the wild. There exists a high possibility of potential system damage or security flaw. The attacker has complete control over your computer or can install new software on your machine.
Description: Srv.SSA-KeyLogger is a keylogger which logs keystrokes of the user's PC
Srv.SSA-KeyLogger is a keylogger which logs keystrokes of the user's PC invisibly in the background. Its features: capture keystrokes of anything entered by the user including passwords, credit card numbers, bank account numbers, and record all websites visited. Srv.SSA-KeyLogger overwrites the hosts file, blocking access to security sites. Srv.SSA-KeyLogger also disables the Windows XP firewall.
File Signatures: