Fake car crash video serves up malware

Look in this specific forum for newly found security threats which may not yet be covered by your usual security software

Moderators: Admin Team, Moderators

mwdisector
Security Researcher
Security Researcher
Posts: 6
Joined: Mon Dec 29, 2008 9:45 am
experience: I know the functions, OS settings, registry tweaks and more
PC time: More than 4 hours a day
Contact:

Fake car crash video serves up malware

Postby mwdisector » Fri May 15, 2009 8:51 pm

A website claiming to have a video of Nikki Catsouras car crash, instead serves up a trojan (and more).

hxxp://www.nikkicatsouras.net
--> hxxp://www.nikkicatsouras.net/video.avi/
--> hxxp://kor-programms.com/softwarefortubeview.40009.exe

softwarefortubeview.40009.exe
VT detection 4/39:
http://www.virustotal.com/analisis/ceecd2cd8eeb97a18b15f296b3e202f7

I just took a quick look at it and found it creates all sorts of processes, files, and scheduler jobs on victim. Appears to setup a local listener/trojan. It also connects to hjtktyjyhhn.com.

--mwdisector

User avatar
TeMerc
Site Admin
Site Admin
Posts: 15995
Joined: Fri Jan 28, 2005 5:16 pm
Area Of Expertise: Security
experience: I know the functions, OS settings, registry tweaks and more
PC time: What else is there in life?
Location: PHX, AZ
Contact:

Re: Fake car crash video serves up malware

Postby TeMerc » Fri May 15, 2009 10:15 pm

Thx mwdisector!

Caution to all those reading this, do not attempt to visit any of the sites unless you're an experienced malware researcher.

You could get infected.
Image


Return to “EMERGING SECURITY THREATS!”

Who is online

Users browsing this forum: No registered users and 1 guest