Home > ParetoLogic Blogs > Malware Diaries > New Mac OS X Jahlav variant
Reply
 
Thread Tools Display Modes
  #1  
Old 08-07-2009, 01:24 AM
Michael Michael is offline
Administrator
Join Date: May 2007
Posts: 313
Default New Mac OS X Jahlav variant
Yet another domain pushing a new MD5 of the Jahlav Trojan for Mac OS X.

fa1

tdenuwas.com/download/78384e3034413d3db727515620090801/QuickTimeUpdate.dmg

Actually several domains on the same IP (91.214.45.73) are hosting the malware:

allincorx.com

bigdron.com

cikaredo.com

civilizxx.com

comeandtryx.com

deribrowns.com

draxxtermania.com

givendream.com

hitrowzone.com

jumborad.com

ltdkeeper.com

operationelx.com

oxxadox.com

paxxtiger.com

rednetx.com

rstdeals.com

simplexdoom.com

sinisteer.com

tniredrum.com

ufapeace.com

Only 3 vendors on Virus Total are detecting this threat:

Kaspersky, F-Secure and Sophos.

vt1

Jerome Segura

Malware ID:*7424683a943171a92d2b281da41fec9e.zip
Reply With Quote
Reply

« Previous Thread | Next Thread »

Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Forum Jump


Terms of Use