« Adsense Calculator
Quanto costa uno stadio nuovo per Firenze. »

Malware virus, new_dardos.zip

Votes | Average: 0 out of 5 Votes | Average: 0 out of 5 Votes | Average: 0 out of 5 Votes | Average: 0 out of 5 Votes | Average: 0 out of 5 (Blinda la supercazzola e VOTA !)
Loading ... Loading ...

I’ve discovered a potential new malware tonight. 21 April 06.
Antivirus, do not recognise it as a virus, (I’ve used Avast and TrendMicro Office Scan) yet.
It use email engine, to spread itself around the net.

Message subject could be:
Subject: divertite…
Subject: relajese por un momento
Subject: juga a esto
Subject: Tomate un tiempo para relajarte
Body contains:

“Yo te envio este divertido juego :-)
podes encontrarlo en el zip adjunto!
dime cual es tu resulado mi record es de 56 :-)
que tengas un lindo dia”

Attachment: new_Dardos.zip
This zip file, contains a setup_game.exe and a readme file, that probably installa a stupid game, but that also install malware engine.
I’ve not really tested this, but I suppose this is the way it works.

Looks, like this game use outlook to propagate itself to spanish languages addresses.
Do not open it and delete this email if you receive one

Articolo aggiunto il Friday, April 21st, 2006 alle 2:28 pm in Internet. Puoi seguire i commenti alla notizia con questo feed RSS 2.0. Puoi aggiungere un commento, o seguirlo con un trackback dal tuo sito.

Una risposta a “Malware virus, new_dardos.zip”

  1. Simon Scrive:
    April 26th, 2006 alle 11:03 pm

    This could be a possible solution.

    ICQCHK.exe MSX.DLL Free Remover
    http://www.greatis.com/security/ICQCHK.exe%20MSX.DLL%20remover.htm

    ICQCHK Trojan is installed by VideoCodec3_05b.exe to help you play “funny” movies. Now the Trojan’s web sites are closed.

    Related files in the %SysDir% folder (usually c:\ Windows\System32):

    kaboom.dll
    iewatch.exe
    A0003016.exe
    VideoCodec3_05b.exe
    sysmon.exe
    msx.dll
    gtrack.dll
    ietool[1].exe
    ietool[2].exe
    ietool[3].exe

Scrivi un tuo commento