New Ad-Clicker Trojan
Our Honeypots caught this drive-by download from the following site:
Looks like another blog… the word ‘porn’ is used, well, abundantly.
The site is registered to some guy in Panama.
Other domains sharing nameserver:
They all point to this fake codec site:
The malware file, as with many fake codecs is from exe-xxx-file.com.
A quick virus Total analysis reveals that this file is pretty much unknown to most AV vendors:
If you happen to be infected with that trojan, it will not go un-noticed:
Those links are dangerous, stay away unless you know what you’re doing.
Jerome Segura
Malware ID: 749ebc5c812c3d26022a4df847b11d09.zip
No related posts.
Related posts brought to you by Yet Another Related Posts Plugin.









Leave a Reply