CRYPTOME
RU Interior Ministry Hacked Files Malware Scan 9 December 2014. 19:00ET
Text follows:
Filename: пдн пм бумеранг доброты фото.rar
Threat name: Compressed threats
Full Path:
e:\ru-im\ftp.ic.rnd.mvd.ru_3\ftp.ic.rnd.mvd.ru_3\incoming\uup\fisenko\слайдыПДН\константиновск пдн пм бумеранг доброты фото\пдн пм бумеранг доброты фото.rar
____________________________
Filename: newtrialstop.v1.1(radmin v3.1 - v3.2).rar
Threat name: Compressed threats
Full Path:
e:\ru-im\ftp.ic.rnd.mvd.ru\ftp.ic.rnd.mvd.ru\incoming\ic\borovkov\radmin-3.2-ru-server-client\newtrialstop.v1.1(radmin v3.1 - v3.2).rar
____________________________
Details
Unknown Community Usage, Unknown
Age, Risk High
Origin
Downloaded from
Unknown
Activity
Actions performed: Actions performed: 1
____________________________
On computers as of
Not Available
Last Used
12/9/2014 at 5:41:15 PM
Startup Item
No
Launched
No
____________________________
Unknown
It is unknown how many users in the Norton Community have
used this file.
Unknown
This file release is currently not known.
High
This file risk is high.
Threat type: Virus. Programs that infect
other programs, files, or areas of a computer by inserting themselves or
attaching themselves to that medium.
____________________________
Source: External Media
____________________________
File Actions
newtstop.dll
[Contained in]
e:\ru-im\ftp.ic.rnd.mvd.ru\ftp.ic.rnd.mvd.ru\incoming\ic\borovkov\radmin-3.2-ru-server-client\newtrialstop.v1.1(radmin v3.1 - v3.2).rar
No fix attempted
____________________________
File Thumbprint - SHA:
366265a83bd756cc1711055b9b7ba55f9ef1403f541e238c0d69efa84b052fa1
File Thumbprint - MD5:
Not available
-----
Filename: activator_windows 7_rtm_7600.exe
Threat name: Trojan.ADH
Full Path: activator_windows 7_rtm_7600.exe
____________________________
Details
Unknown Community Usage, Unknown
Age, Risk High
Origin
Downloaded from
Unknown
Activity
Actions performed: Actions performed: 1
____________________________
On computers as of
Not Available
Last Used
12/9/2014 at 5:41:18 PM
Startup Item
No
Launched
No
____________________________
Unknown
It is unknown how many users in the Norton Community have
used this file.
Unknown
This file release is currently not known.
High
This file risk is high.
Threat type: Virus. Programs that infect
other programs, files, or areas of a computer by inserting themselves or
attaching themselves to that medium.
____________________________
Source: External Media
____________________________
File Actions
File:
e:\ru-im\ftp.ic.rnd.mvd.ru\ftp.ic.rnd.mvd.ru\incoming\ic\electra\ 7600_rtm_v7.0 (10.08.2009).exe Removed
____________________________
File Thumbprint - SHA:
7a997d61ae2ac2ec23c59a47ca98efeda8959f9a81cb59dc40b454401d226a3f
File Thumbprint - MD5:
Not available
-----
Filename: bat to exe converter (rus from ice_xakep).exe
Threat name: Trojan.Gen.2
Full Path: bat to exe converter (rus from ice_xakep).exe
____________________________
Details
Unknown Community Usage, Unknown
Age, Risk High
Origin
Downloaded from
Unknown
Activity
Actions performed: Actions performed: 1
____________________________
On computers as of
Not Available
Last Used
12/9/2014 at 5:42:19 PM
Startup Item
No
Launched
No
____________________________
Unknown
It is unknown how many users in the Norton Community have
used this file.
Unknown
This file release is currently not known.
High
This file risk is high.
Threat type: Virus. Programs that infect
other programs, files, or areas of a computer by inserting themselves or
attaching themselves to that medium.
____________________________
Source: External Media
____________________________
File Actions
File:
e:\ru-im\ftp.ic.rnd.mvd.ru\ftp.ic.rnd.mvd.ru\incoming\ic\serg\forms\avto\ bat_to_exe.rar Removed
____________________________
File Thumbprint - SHA:
040d1861afebf5e0c98d9262d01d837d1c1decc878fe18585f5b4f231dc1a7b9
File Thumbprint - MD5:
Not available
-----
Filename: bat to exe converter (rus from ice_xakep).exe
Threat name: Trojan.Gen.2
Full Path: bat to exe converter (rus from ice_xakep).exe
____________________________
Details
Unknown Community Usage, Unknown
Age, Risk High
Origin
Downloaded from
Unknown
Activity
Actions performed: Actions performed: 1
____________________________
On computers as of
Not Available
Last Used
12/9/2014 at 5:42:19 PM
Startup Item
No
Launched
No
____________________________
Unknown
It is unknown how many users in the Norton Community have
used this file.
Unknown
This file release is currently not known.
High
This file risk is high.
Threat type: Virus. Programs that infect
other programs, files, or areas of a computer by inserting themselves or
attaching themselves to that medium.
____________________________
Source: External Media
____________________________
File Actions
File:
e:\ru-im\ftp.ic.rnd.mvd.ru\ftp.ic.rnd.mvd.ru\incoming\ic\serg\forms\oruj\ bat_to_exe.rar Removed
____________________________
File Thumbprint - SHA:
040d1861afebf5e0c98d9262d01d837d1c1decc878fe18585f5b4f231dc1a7b9
File Thumbprint - MD5:
Not available
-----
Filename: пдн пм бумеранг доброты фото.rar
Threat name: Compressed threats
Full Path:
e:\ru-im\ftp.ic.rnd.mvd.ru_3\ftp.ic.rnd.mvd.ru_3\incoming\uup\fisenko\слайдыПДН\константиновск пдн пм бумеранг доброты фото\пдн пм бумеранг доброты фото.rar
____________________________
Details
Unknown Community Usage, Unknown
Age, Risk High
Origin
Downloaded from
Unknown
Activity
Actions performed: Actions performed: 1
____________________________
On computers as of
Not Available
Last Used
12/9/2014 at 5:47:37 PM
Startup Item
No
Launched
No
____________________________
Unknown
It is unknown how many users in the Norton Community have
used this file.
Unknown
This file release is currently not known.
High
This file risk is high.
Threat type: Virus. Programs that infect
other programs, files, or areas of a computer by inserting themselves or
attaching themselves to that medium.
____________________________
Source: External Media
____________________________
File Actions
iptenbgoy.exe
[Contained in]
e:\ru-im\ftp.ic.rnd.mvd.ru_3\ftp.ic.rnd.mvd.ru_3\incoming\uup\fisenko\слайдыПДН\константиновск пдн пм бумеранг доброты фото\пдн пм бумеранг доброты фото.rar No fix attempted
____________________________
File Thumbprint - SHA:
439c4d0722b371a8d2abc2a4f47df5b49abd72d9890e4bdb7b576fda25716a9b
File Thumbprint - MD5:
Not available
-----
Filename: слайды.rar
Threat name: Compressed threats
Full Path:
e:\ru-im\ftp.ic.rnd.mvd.ru_3\ftp.ic.rnd.mvd.ru_3\incoming\uup\fisenko\слайдыПДН\слайды.rar
____________________________
Details
Unknown Community Usage, Unknown
Age, Risk High
Origin
Downloaded from
Unknown
Activity
Actions performed: Actions performed: 1
____________________________
On computers as of
Not Available
Last Used
12/9/2014 at 5:47:37 PM
Startup Item
No
Launched
No
____________________________
Unknown
It is unknown how many users in the Norton Community have
used this file.
Unknown
This file release is currently not known.
High
This file risk is high.
Threat type: Virus. Programs that infect
other programs, files, or areas of a computer by inserting themselves or
attaching themselves to that medium.
____________________________
Source: External Media
____________________________
File Actions
ptucit.exe
[Contained in]
e:\ru-im\ftp.ic.rnd.mvd.ru_3\ftp.ic.rnd.mvd.ru_3\incoming\uup\fisenko\слайдыПДН\слайды.rar
No fix attempted
____________________________
File Thumbprint - SHA:
ba336c0cdad4390be52ee776664b4314906ec5949ff67b48513f58e703e2e9ef
File Thumbprint - MD5:
Not available
-----
Filename: combofix.exe
Threat name: Trojan.Gen.2
Full Path:
e:\ru-im\ftp.ic.rnd.mvd.ru_4\ftp.ic.rnd.mvd.ru_4\incoming\НОВОЧЕРКАССК\rdp\combofix.zip
____________________________
Details
Unknown Community Usage, Unknown
Age, Risk High
Origin
Downloaded from
Unknown
Activity
Actions performed: Actions performed: 1
____________________________
On computers as of
12/9/2014 at 7:04:45 PM
Last Used
12/9/2014 at 5:50:44 PM
Startup Item
No
Launched
No
____________________________
Unknown
It is unknown how many users in the Norton Community have
used this file.
Unknown
This file release is currently not known.
High
This file risk is high.
Threat type: Virus. Programs that infect
other programs, files, or areas of a computer by inserting themselves or
attaching themselves to that medium.
____________________________
Source: External Media
____________________________
File Actions
combofix.exe
[Contained in]
e:\ru-im\ftp.ic.rnd.mvd.ru_4\ftp.ic.rnd.mvd.ru_4\incoming\НОВОЧЕРКАССК\rdp\combofix.zip
Deleted
____________________________
File Thumbprint - SHA:
7ee072303e74fef6bc5ba3d8bcfa0d191218a19ef52bd3189ed0410a34f62fc3
File Thumbprint - MD5:
Not available
-----
Filename: 2014-2015.rar
Threat name: Compressed threats
Full Path:
e:\ru-im\ftp.ic.rnd.mvd.ru_5\ftp.ic.rnd.mvd.ru_5\incoming\УРЛС\ОМПО\Воспитатели\Ландик\приказ 2014-2015 учебный год\2014-2015.rar
____________________________
Details
Unknown Community Usage, Unknown
Age, Risk High
Origin
Downloaded from
Unknown
Activity
Actions performed: Actions performed: 1
____________________________
On computers as of
Not Available
Last Used
12/9/2014 at 5:52:00 PM
Startup Item
No
Launched
No
____________________________
Unknown
It is unknown how many users in the Norton Community have
used this file.
Unknown
This file release is currently not known.
High
This file risk is high.
Threat type: Virus. Programs that infect
other programs, files, or areas of a computer by inserting themselves or
attaching themselves to that medium.
____________________________
Source: External Media
____________________________
File Actions
nckdjtiuzju.exe
[Contained in]
e:\ru-im\ftp.ic.rnd.mvd.ru_5\ftp.ic.rnd.mvd.ru_5\incoming\УРЛС\ОМПО\Воспитатели\Ландик\приказ 2014-2015 учебный год\2014-2015.rar No fix attempted
____________________________
File Thumbprint - SHA:
590e6b8f20059333edd9e0448c786a1208093542d17d53fb518239bb49607c04
File Thumbprint - MD5:
Not available
-----
Filename: 2014-2015.rar
Threat name: Compressed threats
Full Path:
e:\ru-im\ftp.ic.rnd.mvd.ru_6\ftp.ic.rnd.mvd.ru_6\incoming\УГИБДД\ПРОПАГАНДА\приказ 2014-2015 учебный год\2014-2015.rar
____________________________
Details
Unknown Community Usage, Unknown
Age, Risk High
Origin
Downloaded from
Unknown
Activity
Actions performed: Actions performed: 1
____________________________
On computers as of
Not Available
Last Used
12/9/2014 at 5:57:56 PM
Startup Item
No
Launched
No
____________________________
Unknown
It is unknown how many users in the Norton Community have
used this file.
Unknown
This file release is currently not known.
High
This file risk is high.
Threat type: Virus. Programs that infect
other programs, files, or areas of a computer by inserting themselves or
attaching themselves to that medium.
____________________________
Source: External Media
____________________________
File Actions
nckdjtiuzju.exe
[Contained in]
e:\ru-im\ftp.ic.rnd.mvd.ru_6\ftp.ic.rnd.mvd.ru_6\incoming\УГИБДД\ПРОПАГАНДА\приказ 2014-2015 учебный год\2014-2015.rar No fix attempted
____________________________
File Thumbprint - SHA:
590e6b8f20059333edd9e0448c786a1208093542d17d53fb518239bb49607c04
File Thumbprint - MD5:
Not available
-----