Malware Encyclopedia

Platform: Win32
Type: Trojan
Size: 135168 bytes
Language: Visual Basic
MD5: 3b342eeb7b7496b8c21b7dc1e8640eb6
SHA256: 02b10491765333205f8daaccd93d1a619c76c191419a4fe0b96647f94630a05b
Aliases: Trojan:Win32/Diacam.A (Microsoft), Trojan.Win32.Jorik.Mokes.cbk (Kaspersky), Win32/VB.QMS (ESET-NOD32), W32/VBagent.B.gen!Eldorado (F-Prot)

Summary

Trojan.Win32.VB.qms is a Trojan program designed to steal confidential data as well as provide a remote access to the computer without user’s knowledge or consent. The following are strings displayed in the file information:


Platform: Win32
Type: Trojan
Size: 878592  bytes
Language: С++
MD5: 1f19849a7befa7bf2e3ca04e2757829d
SHA1: 478260ca3fdbcb792a5756956838d2260121de25
Aliases: Backdoor:Win32/Kelihos.F(Microsoft), TrojanPSW.FTPAgent 

Summary


Platform: Win32
Type: Backdoor
Size: 212992 bytes
Language: C++
MD5: C46566045F4E77F366299479746DC0EA
SHA1: 97F5F2637289E7537461E64D96D13BF359542FB1

Summary

Trojan.Win32.Jorik.Zbot.azk is a malicious program which provides the attacker with unauthorized remote access to the infected machine.


Platform: Win32
Type: Worm
Size: 73938 bytes
Language: Visual Basic
MD5: 030D70062F0D16D918DFA5ADFDFEE857
SHA1: 33217329687F29A3C8393C52AAB656DABB4E5BCE

Summary

Trojan.Win32.Rimod.b is a worm which copies itself to the local drives of the infected computer.


Detect: Virus.Win32.Alman.b
Platform: Win32
Type: Virus
Virus body size: ~38 KB

Summary

It is a malware which infects executable PE-EXE files.


Detect: Trojan.Win32.Sirefef.pm
Platform: Win32
Type: Trojan
md5: 065EFD579429DE85C9A0C55DF7E8CABE
sha1:0a6b40809556199f0e746bf37e7ab29b97c4a90eb84d85360a1caf065c190ca

Summary

It is a malicious software designed to download other malicious programs and install them on the user's PC. It is an NT kernel mode driver.


Detect: FraudTool.Win32.FakeRean
Platform: Win32
Type: Worm
Size: 868864 bytes
Extracted size: ~6266 KB
Language: Delphi
md5: A0E59B1747C0A50731A1D74E3C274198
sha1: 79C242DF2AEAAB26DA26EEB02AC1FEB676E129FD

Summary

This is a Trojan that imitates the work of the antivirus program to obtain a user's fee for detecting and deleting non-existent threads.


Detect: Trojan.Win32.Jpgiframe
Platform: HTML
Type: Trojan


Summary

It is a Trojan program which opens various web pages in the browser without user knowledge.


Detect: Email-Worm.Win32.Brontok.a
Platform: Win32
Type: Worm
Size: 45417 bytes
Packer: MEW
Language: 
VisualBasic
md5:
41bc917a697ab13ecb4c97496300080b
sha1:
3963b429bf098b194c49a83a4360d65b5c56c746

Summary

It is an email worm spreading via the Internet by attaching a copy of its executive file to the infected emails. For mailing, the worm uses addresses found on the infected computer.


Detect: Trojan.Win32.Rimecud.m
Platform: Win32
Type: Trojan
Size: 140288 bytes
Packer: unknown
Unpacked size: ~81KB
Language: C++
md5: 5A9A4024F263E0D79C8CF9381DCDF06A
sha1: 0C1C857386D7C2A4BF3C62CC69C110D38D35045F

Summary

It is a Trojan program which performs destructive activities on the User PC.


Detect: Exploit.PDF.CVE-2011-2437
Platform: PDF
Type: Exploit
Size: <depends on document size>

Summary

It is an Exploit which uses vulnerability in Adobe Acrobat and Adobe Reader to execute a random code. It is a PDF document.


Detect: Adware.Pinball Corporation
Platform: Win32
Type: Adware
Size: 207544 bytes
Packer: UPX
Unpacked size: 449 KB
Language: C++
md5: 8C09805A8EB78C9917BDDEDCF7F45D62
sha1: 21ABC57D515487595CA17E63CCD98C096D86C52F

Summary

It is an advertising software designed to redirect requests to other web resources.