Sample

Spyware cmids3d.dll Trojan-PSW.Win32.LdPinch.azw This Trojan is designed to steal confidential information (user passwords). It is designed to steal a range of confidential information. It is a Windows PE EXE file. It is 24,384 bytes in size. It is packed using MEW. The unpacked file is approximately 340KB in size. It is written in Assembler. Dialer appmgmts.dll Exploit.IIS.Beavuh Beavuh is a malware exploit of the so-called MS IIS ".printer" vulnerability, which is described by Microsoft in the "Security Bulletin MS01-23",released May 1, 2001. The MS01-23 Security Bulletin can be viewed at the following location:... Worm clbcatq.dll Worm.Win32.Doomjuice.b This worm spreads via the Internet, using computers infected by I-Worm.Mydoom.a and I-Worm.Mydoom.b to propagate. Installation On launching, the worm copies itself to the Windows system directory under the name regedit.exe and registers this file in the system registry auto-run key:... Dialer cryptdlg.dll Exploit.HTML.Ascii.f This exploit uses a vulnerability in Internet Explorer (CVE-2006-3227) to run on the victim machine. It is an HTML page. It is 1614 bytes in size. It is not packed in any way. Trojan deskadp.dll Trojan.Win32.LipGame.i This Trojan is a Windows PE EXE file written in C++ and packed using UPX. The file is 23552 bytes in size, and the unpacked file is 56832 bytes in size. The program is represented by a transparent icon, and it is therefore difficult to see it in some file managers. This Trojan is almost identical... Worm dplay.dll Worm.Win32.AutoRun.bnb This worm propagates by creating copies of itself on local disks and write-accessible network resources. It is a Windows PE EXE file. It is 46592 bytes in size. It is packed using UPX. The unpacked file is approximately 107MB in size. Installation The worm copies its executable file to the... Worm forcedos.exe Worm.Win32.Hai This is a local network worm that spreads on Win32 systems. The worm itself is a Win32 executable file about 60K in length, and it is written in MS Visual C++. The known worm version is encrypted by PELock Win32 EXE file protection tool. The spreading process distributes the worm copy throughout a... Adware icaapi.dll Virus.DOS.Am.743 This is a harmless memory-resident parasitic virus. It hooks INT 21h and writes itself at the end of COM files that are executed. It contains the text "am", the same value is returned (in ASCII) by the virus when it checks the previously loaded TSR copy. On calling the GetDate DOS function the...