New Ad-Clicker Trojan
Our Honeypots caught this drive-by download from the following site:
Looks like another blog… the word ‘porn’ is used, well, abundantly.
The site is registered to some guy in Panama.
Other domains sharing nameserver:
They all point to this fake codec site:
The malware file, as with many fake codecs is from exe-xxx-file.com.
A quick virus Total analysis reveals that this file is pretty much unknown to most AV vendors:
If you happen to be infected with that trojan, it will not go un-noticed:
Those links are dangerous, stay away unless you know what you’re doing.
Jerome Segura
Malware ID: 749ebc5c812c3d26022a4df847b11d09.zip
Related posts:
- Avoiding Trojan Horse Infections Powered by Max Banner Ads You can also get your...
- New DNS Changer Trojan Powered by Max Banner Ads I came across a site...
- Trojan Horse Removal – What Is a Trojan Horse Virus? Powered by Max Banner Ads People often confuse the terms...
- New Mac Jahlav Trojan Powered by Max Banner Ads I found a new Mac...
- How to Completely Remove a Trojan Horse Virus Quickly? Powered by Max Banner Ads Do you want to learn...
Related posts brought to you by Yet Another Related Posts Plugin.









Leave a Reply