Has anyone come across a sample of Trojan.Randsom.A ( http://www.symantec.com/avcenter/venc/data/trojan.randsom.a.html )? I have been looking for a copy and have been unsuccessful in my search.
Thanks for your help.
I've been running into many proverbial brick walls trying to track this down and I know it's public. I believe I used to have it, but figuring out which hard drive it "might" have been on is a daunting task, especially at the moment. I can only hook 2 HDs up to one PC at a time (of 2 PCs total at the moment), so it is a bit of a pain. I am not in the business of spreading viruses and not some script kiddie. I am 34 yrs old, not 14, okay. ;) I have read papers and descriptions on the pest and some of its variants. Some info was useful depending on technical level and depth of study, but this is no substitute for the actual original source code or any variant's sources that may be public. A true understanding would only be best grasped by source code, not a general idea of the routes and methods of infection, and I seek a whole understanding and collect source codes. Please do not suggest a document on the subject (pdf, ppt, word doc or other); I probably have it already or could find it easily, but thanks. If someone has it I would appreciate a link or upload of attachment here, or if for some reason, though doubtful, you are more inclined to want to use email, then mine is:
Thanks very much to scarlett pimpernell
SymbOS.Commwarrior.C is a worm that replicates on Series 60 phones. It attempts to spread using Bluetooth, Multimedia Messaging Service (MMS), and Multimedia Cards (MMC) as a randomly named .sis file. It has been reported that one of the possible file names is SymCommander_1_06.sis.
I picked this one up from the email I received. It had a URL to a site hosting the .exe (postcard.jpg.exe) and I got a chance to download the malware.
- postcard.jpg.exe/data.rar/script.ini - infected
- postcard.jpg.exe/data.rar/svchost.exe - infected by Virus.Win32.Parite.b
- postcard.jpg.exe/data.rar/sup.reg - infected by Backdoor.IRC.Zapchast
Note: It's quite interesting to see that Kaspersky extracts other files in the *.exe.
Anyone have any samples of this please?
Offensive Computing proudly presents the create your own virus webpage. We've noticed that the quality of viruses being created has gone down considerably. Who can blame the VX writers? Writing code is hard, especially after being awake for 16 days straight. To help you gain street cred, use the Offensive Computing Virus Builder 9000.
ClamAV 0.88/1333/Wed Mar 15 06:57:53 2006: Worm.P2P.Capside.C
Antivirus Version Update Result
AntiVir 126.96.36.199 03.16.2006 Worm/Bagle.gen
Avast 4.6.695.0 03.16.2006 Win32:Beagle-IH
AVG 718 03.16.2006 Win32/Sality
Avira 188.8.131.52 03.16.2006 Worm/Bagle.gen
BitDefender 7.2 03.16.2006 Win32.Bagle.FJ@mm
CAT-QuickHeal 8.00 03.14.2006 I-Worm.Bagle.ae
ClamAV devel-20060126 03.16.2006 Worm.Bagle.CT
DrWeb 4.33 03.16.2006 Win32.HLLM.Beagle.27136
eTrust-InoculateIT 23.71.103 03.16.2006 Win32/Bagle.DW!Worm
eTrust-Vet 12.4.2121 03.16.2006 Win32/Bagle.DW
Ewido 3.5 03.16.2006 no virus found