Skip navigation.
Home

Bundestrojaner's installer "scuinst.exe"

|

Hello fellow malware analysts!

I'm looking for a copy of the Bundestrojaner's installer. So much hype, so little analysis available (*sigh*) on this one so far (apart from in German from ccc.de which while completely reasonable is not all that helpful for English speaking malware analysts).

According to F-Secure's analysis, the file has the following characteristics (if I've copied these correctly from the site!):

Filename: scuinst.exe (unsigned)
SHA-1: a6a0f45180f5b3390ee2ef21fe4b89813ed641f4
MD5: 309ede406988486bf81e603c514b482

I've found the mfc42ul.dll and winsys32.sys in the 0zapftis release without too much trouble, but not the deployment package which seems to be key to understanding how exactly this malware gets onto 32 bit Windows PCs.

Can anyone help?

Thanks and regards

DampTrousers

Download: R2D2-Dropper.rar PW

Download:
R2D2-Dropper.rar
PW: evild3ad.com

http://www.mediafire.com/?bvadsze11d34rtv

Cheers!
evild3ad