Bitcoin Forum
Topic: possible new virus?
superduh (OP)
May 08, 2013, 09:32:14 PM
 #1

not sure the forum
but this was posted on mtgox's fb page

>>>>DO NOT DOWNLOAD THIS FILE!!!! (unless you want to investigate it- i'm 101% sure it's a virus)

"guys,somebody cracked BTC wallets.
So we have free btc now.
smth about 1000BTC/
Who want,download wallet.dat here http://www.sendspace.com/file/w3pzu6"

so i'm curious if anyone is interested in analyzing this virus. is it new?
is it dangerous?
do virus programs know about it?

ok
escrow.ms
May 08, 2013, 09:39:24 PM
Last edit: May 08, 2013, 10:10:23 PM by escrow.ms
 #2

Downloaded file, will post analysis here in a min.

https://malwr.com/analysis/MTJiODZjYTJkZmIzNDdlYzlmZTI0MDRiZDc2YjRiNmU/

File adds itself to startup, it is some kind of bot or stealer or probably a miner

Going to upload it on vt now.

https://www.virustotal.com/en/file/787b141a8cc7bcce6a7720e4c7d86e6b3345c497686ad89971b1ffc2c30de81c/analysis/1368049769/

http://anubis.iseclab.org/?action=result&task_id=14fbf3496140b6db4e59ea0daa2f8ceae (Scan in queue)

File is crypted so most antivirus are not able to detect it.


Edit: It's a bitcoin miner (botnet one)