New TROJAN Attack: video.haberturk.com

The e-mail I received today contained the following message:

AS HABER TÜRK, WE ARE PUBLISHING THE MOST SENSATIONAL NEWS STORY OF THE YEAR ON THE INTERNET BECAUSE OF THE PUBLICATION BAN IN THE ERGENEKON CASE.

WE HAVE OBTAINED FOOTAGE, GUARDED WITH EXTREME CARE BY THE PROSECUTORS, OF DENİZ BAYKAL'S FACE-TO-FACE MEETINGS WITH ABDULLAH ÇATLI, OF HIM HOSTING YEŞİL AT CHP HEADQUARTERS, AND OF HIS MEETINGS WITH HURŞİT TOLON AND VELİ KÜÇÜK.

THE MEETINGS CONTAIN DIALOGUES YOU WILL NOT BELIEVE YOUR EARS AT, AND DETAILED DISCUSSIONS OF THE PLANNED COUP. WATCH IT; YOU WILL NOT BELIEVE YOUR EARS AND EYES.

HABER TÜRK, INDISPUTABLY TURKEY'S BIGGEST INTERNET NEWSPAPER

That was the message, and attached to it was a file named video.haberturk.com (107 Kb), compressed with WINRAR. Since I am naturally suspicious of a file like this, I scanned it online with the VIRUSTOTAL service and got the results below.

As the results show, this attachment is a VIRUS, and its real purpose is to capture the private information and passwords on your system…

File video.haberturk.com received on 2009.04.08
Antivirus Version Last Update Result
a-squared 4.0.0.101 2009.04.08 Trojan-Spy.Win32.Agent!IK
AhnLab-V3 5.0.0.2 2009.04.07
AntiVir 7.9.0.138 2009.04.07
Antiy-AVL 2.0.3.1 2009.04.07
Authentium 5.1.2.4 2009.04.08 W32/Agent.CT.gen!Eldorado
Avast 4.8.1335.0 2009.04.07
AVG 8.5.0.285 2009.04.07 SHeur2.ZRU
BitDefender 7.2 2009.04.08
CAT-QuickHeal 10.00 2009.04.07
ClamAV 0.94.1 2009.04.07
Comodo 1102 2009.04.07
DrWeb 4.44.0.09170 2009.04.08
eSafe 7.0.17.0 2009.04.07
eTrust-Vet 31.6.6442 2009.04.07
F-Prot 4.4.4.56 2009.04.08 W32/Agent.CT.gen!Eldorado
F-Secure 8.0.14470.0 2009.04.08 Trojan-Spy.Win32.Agent.akwx
Fortinet 3.117.0.0 2009.04.07
GData 19 2009.04.08
Ikarus T3.1.1.49.0 2009.04.08 Trojan-Spy.Win32.Agent
K7AntiVirus 7.10.695 2009.04.07
Kaspersky 7.0.0.125 2009.04.08 Trojan-Spy.Win32.Agent.akwx
McAfee 5577 2009.04.07 Generic Delphi
McAfee+Artemis 5577 2009.04.07 Generic Delphi
McAfee-GW-Edition 6.7.6 2009.04.07
Microsoft 1.4502 2009.04.07
NOD32 3994 2009.04.07
Norman 6.00.06 2009.04.07
nProtect 2009.1.8.0 2009.04.08
Panda 10.0.0.14 2009.04.07 Trj/CI.A
PCTools 4.4.2.0 2009.04.07
Prevx1 V2 2009.04.08
Rising 21.24.12.00 2009.04.07
Sophos 4.40.0 2009.04.08 Mal/Generic-A
Sunbelt 3.2.1858.2 2009.04.08 Trojan.Unclassified.gen
Symantec 1.4.4.12 2009.04.08 Trojan Horse
TheHacker 6.3.4.0.303 2009.04.07
TrendMicro 8.700.0.1004 2009.04.07
VBA32 3.12.10.2 2009.04.07
ViRobot 2009.4.7.1682 2009.04.07
VirusBuster 4.6.5.0 2009.04.07
Additional Information
File size: 238121 bytes
MD5…: c103b348b93e7eefab3db605b2bc4e5b
SHA1..: 84e302abfa86a280ac98f358737188a5f3f47bb0
SHA256: ab7fa58761cf8a11dbb01cc513d45b51ee07daa62ac336d424d62446b7c2a3cd
SHA512: d99d07fa1e4401b4a3010406708972ed70706a6c60c8d28dbee989eaab273515b1c2b576a09d9b89714a40ccaeca308e11a916900f9804a631fd6946840a4507
ssdeep: 6144:OwLI2BSV/gUOW55yZx2qAGV0OxuTBpf1of:Ob2BSSUOSohBuTNof
PEiD..: BobSoft Mini Delphi -> BoB / BobSoft
TrID..: File type identification
Win32 Executable Borland Delphi 7 (58.5%)
Win32 Executable Borland Delphi 5 (39.4%)
Win32 Executable Generic (0.7%)
Win32 Dynamic Link Library (generic) (0.6%)
Win16/32 Executable Delphi generic (0.1%)
RDS…: NSRL Reference Data Set
-
ThreatExpert info: http://www.threatexpert.com/report.aspx?md5=c103b348b93e7eefab3db605b2bc4e5b
