Skip navigation.
Home

Analysis of OSX Trojan DNS Changer

::::::::::::
File Size
::::::::::::
DMG : ~ 17.1 KB (17,598 bytes)
Installer.pkg : ~132 KB (135,168 bytes)

:::::::::::::::::
Propagation
:::::::::::::::::
This malicious code does not spread and propagate by itself. It uses an ancient yet effective Social Engineering technique to entice users to manually install the program. This trojan disguises as video codec and associates itself to a shared and free download videos. It was first seen and linked to porn sites but later it was also linked to funny videos and seen as splogs (spam blog).

Is this in-the-wild ? Yes.

Detailed Analysis found in this blog: http://blog.iantivirus.com/

Do you have a copy of this

Do you have a copy of this you can upload for us? If so what's the MD5?

MD5

you may check these MD5s:
fae432c0b8b0add6d44dbc7ea61bcd50
894b045765bb255e5f81d9a6e15e7a4d
998bc46008dc123389ef141e471a47ac