Bundestrojaner's installer "scuinst.exe"
Hello fellow malware analysts!
I'm looking for a copy of the Bundestrojaner's installer. So much hype, so little analysis available (*sigh*) on this one so far (apart from in German from ccc.de which while completely reasonable is not all that helpful for English speaking malware analysts).
According to F-Secure's analysis, the file has the following characteristics (if I've copied these correctly from the site!):
Filename: scuinst.exe (unsigned) SHA-1: a6a0f45180f5b3390ee2ef21fe4b89813ed641f4 MD5: 309ede406988486bf81e603c514b482
I've found the mfc42ul.dll and winsys32.sys in the 0zapftis release without too much trouble, but not the deployment package which seems to be key to understanding how exactly this malware gets onto 32 bit Windows PCs.
Can anyone help?
Thanks and regards