 |
 | New MDB And HDB Signatures For Zloader |  |
|
GuitarBob
|
|
Below are some mdb and hdb signatures for the Zloader commercial malware installer, with some associated installed malware.
Copy the signatures to a new Notepad or similar text writer file and save it in the ClamWin database folder as a file named Sigfile.mdb or Sigfile.hdb, depending upon the signature type, with a file type of “All Files”. Do not save the files as a text file. The file names should be either Sigfile.mdb or Sigfile.hdb and nothing else. For multiple signatures, put each signature on a separate line in a Notepad file. You can add multiple signatures to the top of an existing mdb or hdb signature file, depending upon the signature type. Copy the signatures, add one blank line to the top of the file and paste the signatures there—any additional lines needed will be added. Do not add to the bottom of existing signature files or you will get a ClamWin scanning error. Delete any blank lines between signatures in a file before saving the file. After you save a signature file in the ClamWin database folder, scan something with ClamWin to make sure it works. If you get a scan error, accept my apology, and delete the signature file from the database folder or delete only the signatures that you just posted to an existing mdb or hdb file and re-save it after first removing any blank lines in the signature file. For multiple signature files, do the scan after you save a mdb or hdb file to help you locate a file that causes a scan error. After 4 weeks, the malware will probably be updated, so you can delete signatures then. The date (USA) and time (24 hr) are the last two items in each signature. Thanks to Eset! MDB Signature 2790912:f861a217881658682ef503f03fe6d28d:Win.Trojan.Zloader-041322.1300 11776:515e31f2034d38a1ba025f9b13c071d0:Win.Trojan.Zloader-041322.1307 269312:f725ff3025c82b1f50ee826a97482720:Win.Trojan.Zloader-041322.1309 7680:dab7de98961c23d4f81d25ebaedd4fdf:Win.Trojan.Zloader-041322.1312 414720:b1e56ce0a33796a91935bf7628235af8:Win.Trojan.Agent-041322.1320 151040:939a291e35c4838a915f9774288ed7c0:Win.Trojan.Agent-041322.1324 22528:c658b96ee861ae42aacc3f1641d30f02:Win.Trojan.Infostealer-041322.1326 HDB Signature 24a1145086e9d8037c085c13621bd461:882:BAT.Trojan.Script-041322.1315 07e6b9a6654fff7058addfe996fbabcd:2961:BAT.Trojan.Script-041322.1317 Regards, |
|||||||||||
|
|||||||||||||
 |
 | New MDB And HDB Signatures For Zloader | |
|
||
|
|
|
Powered by phpBB © phpBB Group
Design by phpBBStyles.com | Styles Database.
Content © ClamWin Free Antivirus GNU GPL Free Software Open Source Virus Scanner. Free Windows Antivirus. Stay Virus Free with Free Software.
Design by phpBBStyles.com | Styles Database.
Content © ClamWin Free Antivirus GNU GPL Free Software Open Source Virus Scanner. Free Windows Antivirus. Stay Virus Free with Free Software.