Skip navigation.
Home

WMF

| |

NEW: added more related files contributed by seville THANKS!

V.

d5932e0901c0379b8df3f80a137f5910 *xpl.wmf

Scanning -> C:\malware\wmf\vscan\xpl.wmf
[-] File is NON executable..(non MZ)
- Scan Took : 0.0 Seconds

AntiVir Found Trojan/Dldr.WMF.Agent.D
ArcaVir Found nothing
Avast Found Win32:Exdown
AVG Antivirus Found nothing
BitDefender Found Exploit.Win32.WMF-PFV.C
ClamAV Found Exploit.WMF.A
Dr.Web Found Exploit.MS05-053
F-Prot Antivirus Found security risk or a "backdoor" program
Fortinet Found W32/WMF-exploit
Kaspersky Anti-Virus Found Trojan-Downloader.Win32.Agent.acd
NOD32 Found Win32/TrojanDownloader.Wmfex
Norman Virus Control Found nothing
UNA Found nothing
VBA32 Found nothing

Thanks to seville for submitting this sample!

Threat: Trojan.Desktophijack.C
File: C:\malware\wmf\vscan\55b81dc761fea3e185836818de910bf5
Date found: Wednesday, December 28, 2005 12:42:35 PM

Scanning -> C:\malware\wmf\vscan\55b81dc761fea3e185836818de910bf5
File Type : Exe, Size : 40448 (09E00h) Bytes
[!] UPX [unknown / modified] !
- Scan Took : 0.969 Seconds

md5sum: 55b81dc761fea3e185836818de910bf5
sha1sum: b251045c28e4c04611e13cc7b6ffde2445eea74f
sha256sum: d002fd3420903be9b2c04b9b728bc0d6b47eede0d2e88322fc8058508f1e2fba

AntiVir Found Trojan/Dldr.Small.bki.1
ArcaVir Found Trojan.Small.Ev
Avast Found Win32:Trojano-2336
AVG Antivirus Found Generic.FKM
BitDefender Found Trojan.FakeAlert.PSGuard.A
ClamAV Found Trojan.Downloader.Small-775
Dr.Web Found Trojan.MulDrop.2526
F-Prot Antivirus Found W32/Trojan.YT
Fortinet Found W32/Small.EV-tr
Kaspersky Anti-Virus Found Trojan.Win32.Small.ev
NOD32 Found Win32/TrojanDropper.Oleloa.D
Norman Virus Control Found W32/Agent.D
UNA Found Trojan.Win32.Small
VBA32 Found Trojan.Win32.TrojanDropper.Oleloa

druogna trojan?

seem
win_wmf (win_wmf.zip) 38.48 KB
contain 55b81dc761fea3e185836818de910bf5.exe
detected by my mcafee antivirus with virus def 4651 as druogna trojan

problems extracting

I have problems extracting the files. May I know what is the password?

The password for wmf.zip ...

The password for wmf.zip is "offensivecomputing".

--
X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*

Not able to download

I am not able to download the files. When i click on them it takes me to the homepage. I am looking for the sample of the trojan Exploit-WMF which exploits the MS06-001 vulnerability.

Fixed, try downloading them

Fixed, try downloading them again.