New TROJAN Attack: video.haberturk.com

The e-mail I received today contained the following message:

AS HABER TÜRK, WE ARE PUBLISHING THE SENSATIONAL NEWS STORY OF THE YEAR OVER THE INTERNET BECAUSE OF THE PUBLICATION BAN IN THE ERGENEKON CASE.

WE HAVE OBTAINED FOOTAGE, GUARDED WITH EXTREME CARE BY THE PROSECUTORS, OF DENİZ BAYKAL’S FACE-TO-FACE MEETINGS WITH ABDULAH ÇATLI, OF HIS HOSTING YEŞİL AT THE CHP HEADQUARTERS, AND OF HIS MEETINGS WITH HURŞİT TOLON AND VELİ KÜÇÜK.

THE MEETINGS CONTAIN DIALOGUES YOU WILL NOT BELIEVE YOUR EARS AT AND DETAILED DISCUSSIONS OF THE PLANNED COUP. WATCH IT; YOU WILL NOT BELIEVE YOUR EARS AND EYES.

HABER TÜRK, INDISPUTABLY TURKEY’S BIGGEST INTERNET NEWSPAPER

The message was followed by an attached file named video.haberturk.com (107 Kb), compressed with WINRAR. Since I am naturally suspicious of a file like this, I scanned it online with VIRUSTOTAL and got the results below.

As the results show, this attachment is a VIRUS, and its real purpose is to capture the private information and passwords on your system…

File video.haberturk.com received on 2009.04.08

| Antivirus | Version | Last Update | Result |
| --- | --- | --- | --- |
| a-squared | 4.0.0.101 | 2009.04.08 | Trojan-Spy.Win32.Agent!IK |
| AhnLab-V3 | 5.0.0.2 | 2009.04.07 | |
| AntiVir | 7.9.0.138 | 2009.04.07 | |
| Antiy-AVL | 2.0.3.1 | 2009.04.07 | |
| Authentium | 5.1.2.4 | 2009.04.08 | W32/Agent.CT.gen!Eldorado |
| Avast | 4.8.1335.0 | 2009.04.07 | |
| AVG | 8.5.0.285 | 2009.04.07 | SHeur2.ZRU |
| BitDefender | 7.2 | 2009.04.08 | |
| CAT-QuickHeal | 10.00 | 2009.04.07 | |
| ClamAV | 0.94.1 | 2009.04.07 | |
| Comodo | 1102 | 2009.04.07 | |
| DrWeb | 4.44.0.09170 | 2009.04.08 | |
| eSafe | 7.0.17.0 | 2009.04.07 | |
| eTrust-Vet | 31.6.6442 | 2009.04.07 | |
| F-Prot | 4.4.4.56 | 2009.04.08 | W32/Agent.CT.gen!Eldorado |
| F-Secure | 8.0.14470.0 | 2009.04.08 | Trojan-Spy.Win32.Agent.akwx |
| Fortinet | 3.117.0.0 | 2009.04.07 | |
| GData | 19 | 2009.04.08 | |
| Ikarus | T3.1.1.49.0 | 2009.04.08 | Trojan-Spy.Win32.Agent |
| K7AntiVirus | 7.10.695 | 2009.04.07 | |
| Kaspersky | 7.0.0.125 | 2009.04.08 | Trojan-Spy.Win32.Agent.akwx |
| McAfee | 5577 | 2009.04.07 | Generic Delphi |
| McAfee+Artemis | 5577 | 2009.04.07 | Generic Delphi |
| McAfee-GW-Edition | 6.7.6 | 2009.04.07 | |
| Microsoft | 1.4502 | 2009.04.07 | |
| NOD32 | 3994 | 2009.04.07 | |
| Norman | 6.00.06 | 2009.04.07 | |
| nProtect | 2009.1.8.0 | 2009.04.08 | |
| Panda | 10.0.0.14 | 2009.04.07 | Trj/CI.A |
| PCTools | 4.4.2.0 | 2009.04.07 | |
| Prevx1 | V2 | 2009.04.08 | |
| Rising | 21.24.12.00 | 2009.04.07 | |
| Sophos | 4.40.0 | 2009.04.08 | Mal/Generic-A |
| Sunbelt | 3.2.1858.2 | 2009.04.08 | Trojan.Unclassified.gen |
| Symantec | 1.4.4.12 | 2009.04.08 | Trojan Horse |
| TheHacker | 6.3.4.0.303 | 2009.04.07 | |
| TrendMicro | 8.700.0.1004 | 2009.04.07 | |
| VBA32 | 3.12.10.2 | 2009.04.07 | |
| ViRobot | 2009.4.7.1682 | 2009.04.07 | |
| VirusBuster | 4.6.5.0 | 2009.04.07 | |

Additional information
File size: 238121 bytes
MD5...: c103b348b93e7eefab3db605b2bc4e5b
SHA1..: 84e302abfa86a280ac98f358737188a5f3f47bb0
SHA256: ab7fa58761cf8a11dbb01cc513d45b51ee07daa62ac336d424d62446b7c2a3cd
SHA512: d99d07fa1e4401b4a3010406708972ed70706a6c60c8d28dbee989eaab273515b1c2b576a09d9b89714a40ccaeca308e11a916900f9804a631fd6946840a4507
ssdeep: 6144:OwLI2BSV/gUOW55yZx2qAGV0OxuTBpf1of:Ob2BSSUOSohBuTNof
PEiD..: BobSoft Mini Delphi -> BoB / BobSoft
TrID..: File type identification
Win32 Executable Borland Delphi 7 (58.5%)
Win32 Executable Borland Delphi 5 (39.4%)
Win32 Executable Generic (0.7%)
Win32 Dynamic Link Library (generic) (0.6%)
Win16/32 Executable Delphi generic (0.1%)
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x30888
timedatestamp.....: 0x2a425e19 (Fri Jun 19 22:22:17 1992)
machinetype.......: 0x14c (I386)

( 8 sections )

| name | viradd | virsiz | rawdsiz | ntrpy | md5 |
| --- | --- | --- | --- | --- | --- |
| CODE | 0x1000 | 0x2f8b8 | 0x2fa00 | 6.57 | 7f480ff0067f2d472deef0838ac0a522 |
| DATA | 0x31000 | 0x36cc | 0x3800 | 7.02 | c514710c4c6a870f1d9b1f39234a82bb |
| BSS | 0x35000 | 0xb05 | 0x0 | 0.00 | d41d8cd98f00b204e9800998ecf8427e |
| .idata | 0x36000 | 0x19ce | 0x1a00 | 4.75 | 6e29af2aa5a2d36fe9fe0fdc5277c530 |
| .tls | 0x38000 | 0xc | 0x0 | 0.00 | d41d8cd98f00b204e9800998ecf8427e |
| .rdata | 0x39000 | 0x18 | 0x200 | 0.20 | 0aab54a987d246b4127ed3c40f8aa392 |
| .reloc | 0x3a000 | 0x30e4 | 0x3200 | 6.67 | 28cc16759e0dda077f7a86c89331e162 |
| .rsrc | 0x3e000 | 0x1e00 | 0x1e00 | 3.85 | 15472dd2d33b288b606764067f3c07c4 |

( 20 imports )
> kernel32.dll: DeleteCriticalSection, LeaveCriticalSection, EnterCriticalSection, InitializeCriticalSection, VirtualFree, VirtualAlloc, LocalFree, LocalAlloc, GetVersion, GetCurrentThreadId, InterlockedDecrement, InterlockedIncrement, VirtualQuery, WideCharToMultiByte, MultiByteToWideChar, lstrlenA, lstrcpynA, LoadLibraryExA, GetThreadLocale, GetStartupInfoA, GetProcAddress, GetModuleHandleA, GetModuleFileNameA, GetLocaleInfoA, GetLastError, GetCommandLineA, FreeLibrary, FindFirstFileA, FindClose, CreateDirectoryA, ExitProcess, ExitThread, CreateThread, WriteFile, UnhandledExceptionFilter, SetFilePointer, SetEndOfFile, RtlUnwind, ReadFile, RaiseException, GetStdHandle, GetFileSize, GetFileType, CreateFileA, CloseHandle
> user32.dll: GetKeyboardType, LoadStringA, MessageBoxA, CharNextA
> advapi32.dll: RegQueryValueExA, RegOpenKeyExA, RegCloseKey
> oleaut32.dll: SysFreeString, SysReAllocStringLen, SysAllocStringLen
> kernel32.dll: TlsSetValue, TlsGetValue, LocalAlloc, GetModuleHandleA
> advapi32.dll: RegSetValueExA, RegQueryValueExA, RegOpenKeyExA, RegFlushKey, RegCreateKeyExA, RegCreateKeyA, RegCloseKey
> kernel32.dll: lstrlenA, WriteFile, WinExec, WaitForSingleObject, VirtualQuery, SetThreadPriority, SetFileTime, SetFilePointer, SetFileAttributesA, SetEvent, SetEndOfFile, ResumeThread, ResetEvent, ReadFile, MultiByteToWideChar, MulDiv, LoadLibraryA, LeaveCriticalSection, InitializeCriticalSection, GlobalUnlock, GlobalReAlloc, GlobalHandle, GlobalLock, GlobalFree, GlobalAlloc, GetVersionExA, GetThreadLocale, GetSystemInfo, GetStringTypeExA, GetStdHandle, GetProcAddress, GetModuleHandleA, GetModuleFileNameA, GetLocaleInfoA, GetLocalTime, GetLastError, GetFullPathNameA, GetFileAttributesA, GetExitCodeThread, GetDiskFreeSpaceA, GetDateFormatA, GetCurrentThreadId, GetCommandLineA, GetCPInfo, GetACP, InterlockedIncrement, InterlockedExchange, InterlockedDecrement, FreeLibrary, FormatMessageA, FindNextFileA, FindFirstFileA, FindClose, FileTimeToSystemTime, FileTimeToLocalFileTime, FileTimeToDosDateTime, EnumCalendarInfoA, EnterCriticalSection, DeleteFileA, DeleteCriticalSection, CreateThread, CreateSemaphoreA, CreateProcessA, CreateFileA, CreateEventA, CompareStringA, CloseHandle
> gdi32.dll: UnrealizeObject, StretchBlt, SetTextColor, SetStretchBltMode, SetROP2, SetDIBColorTable, SetBrushOrgEx, SetBkMode, SetBkColor, SelectPalette, SelectObject, RealizePalette, PatBlt, MoveToEx, MaskBlt, LineTo, GetTextMetricsA, GetSystemPaletteEntries, GetStockObject, GetPixel, GetPaletteEntries, GetObjectA, GetDeviceCaps, GetDIBits, GetDIBColorTable, GetCurrentPositionEx, GetBrushOrgEx, DeleteObject, DeleteDC, CreateSolidBrush, CreatePenIndirect, CreatePalette, CreateHalftonePalette, CreateFontIndirectA, CreateDIBitmap, CreateDIBSection, CreateCompatibleDC, CreateCompatibleBitmap, CreateBrushIndirect, CreateBitmap, BitBlt
> user32.dll: wvsprintfA, WindowFromPoint, WaitMessage, TranslateMessage, ToAscii, ShowWindow, SetWindowTextA, SetWindowPos, SetWindowLongA, SetTimer, SetParent, SetFocus, SetCursor, SendMessageTimeoutA, SendMessageA, ReleaseDC, RegisterWindowMessageA, RegisterClassA, PostQuitMessage, PostMessageA, PeekMessageA, OffsetRect, MsgWaitForMultipleObjects, MessageBoxA, LoadStringA, LoadIconA, LoadCursorA, KillTimer, IsWindowEnabled, IsWindow, InvalidateRect, GetWindowRect, GetWindowLongA, GetWindowDC, GetSystemMetrics, GetSysColor, GetMessageA, GetKeyState, GetForegroundWindow, GetFocus, GetDesktopWindow, GetDC, GetCursorPos, GetClientRect, GetClassInfoA, GetCapture, FindWindowExA, FindWindowA, FillRect, DispatchMessageA, DestroyWindow, DestroyIcon, DestroyAcceleratorTable, DefWindowProcA, CopyImage, ClientToScreen, CallWindowProcA, CharNextA, CharLowerBuffA, CharUpperBuffA, CharToOemA
> shell32.dll: ShellExecuteA
> ole32.dll: CoUninitialize, CoInitialize
> oleaut32.dll: GetErrorInfo
> wininet.dll: InternetGetConnectedState, InternetOpenA, InternetConnectA
> shell32.dll: SHGetSpecialFolderLocation, SHGetPathFromIDListA
> user32.dll: CreateWindowExA
> oleaut32.dll: SysFreeString, SysAllocStringLen
> kernel32.dll: Sleep
> oleaut32.dll: SafeArrayPtrOfIndex, SafeArrayGetUBound, SafeArrayGetLBound, SafeArrayCreate, VariantChangeType, VariantCopy, VariantClear, VariantInit
> winmm.dll: timeSetEvent, timeKillEvent
> user32.dll: DdeCmpStringHandles, DdeFreeStringHandle, DdeQueryStringA, DdeCreateStringHandleA, DdeGetLastError, DdeFreeDataHandle, DdeUnaccessData, DdeAccessData, DdeCreateDataHandle, DdeClientTransaction, DdeNameService, DdePostAdvise, DdeSetUserHandle, DdeQueryConvInfo, DdeDisconnect, DdeConnect, DdeUninitialize, DdeInitializeA

( 0 exports )
RDS...: NSRL Reference Data Set
-
ThreatExpert info: http://www.threatexpert.com/report.aspx?md5=c103b348b93e7eefab3db605b2bc4e5b