MalwareIntelligence is a site dedicated to research on all matters relating to anti-malware security, criminology computing and information security in general, always from a perspective closely related to the field of intelligence.

14.2.09

Waledac more loving than ever

As I said in previous post, waledac is a worm whose main objective is to recruit zombie PCs and use the full potential and distributed to propagate more malicious code and spread more spam.

About a month ago, the worm began spreading their campaign of using as an excuse, and anticipation, the day of lovers being held today, February 14, worldwide.

Now, it seems to have kept all your battery visual social engineering strategies for this day, renewing its entire repertoire displaying the following images:


It has changed the name of the binaries:

Reader.exe MD5: A9286212E0D7B46841C860FD3F058DFA
valentine_card.exe
loveu.exe
start.exe
val.exe
programm.exe
luv.exe
luvu.exe
patch.exe MD5: 1C5E4A7FCBE766133F743C9A0150373D
loveexe.exe MD5: 5C17F98919D2C84C3FD1908630396BB7
mylove.exe
cardviewer.exe MD5: E2F9C7A76581047D493FDE2C4A02737A

As shown by the reports of VT, Waledac currently has a low level of detection by antivirus firms, ie not only changed the repertoire of images but also the binary code, making it even more dangerous.

Related information
Social Engineering and Waledac Valentine

Jorge Mieres

0 comentarios:

Post a Comment