DarkSeoul - Jokra - MBR wiper samples



If all you need for happiness is to destroy a few virtual machines, here are the samples for today's headline maker.
The malware overwrites the master boot record (MBR), as described here:
Trojan.Jokra - Symantec
DarkSeoul: SophosLabs identifies malware used in South Korean internet attack
South Korean Banks, Media Companies Targeted by Destructive Malware - McAfee
South Korean Banks and Broadcasting Organizations Suffer Major Damage from Cyber Attack - Symantec




SHA256: 422c767682bee719d85298554af5c59cf7e48cf57daaf1c5bdd87c5d1aab40cc
SHA1: bf823cfee2b2072efb7fed11898eb235e2b3c1ed
MD5: 9263e40d9823aecf9388b64de34eae54
File size: 417.5 KB ( 427520 bytes )
File type: Win32 EXE
Tags: peexe upx
Detection ratio: 14 / 45
Analysis date: 2013-03-21 01:23:59 UTC
AhnLab-V3 Dropper/Eraser.427520 20130320
AntiVir TR/KillMBR.Y.2 20130320
Commtouch W32/Warezov.gen2!W32DL 20130320
DrWeb Trojan.KillFiles.10563 20130321
F-Prot W32/Warezov.gen2!W32DL 20130321
Microsoft Trojan:Win32/Dembr.A 20130320
NANO-Antivirus Virus.Win32.Gen.ccmw 20130321
nProtect Trojan/W32.Agent.427520.EJ 20130320
PCTools Trojan.Jokra 20130321
Symantec Trojan.Jokra 20130321
TrendMicro-HouseCall TROJ_GEN.F47V0320 20130321
VBA32 BScope.Trojan.MTA.0161 20130320
ViRobot Dropper.S.Agent.427520.A 20130320


SHA256: 239ed753232d3cc0e75323d16d359150937934d30da022628e575997c8dd60a2
SHA1: 9f69da40dda6367789041aaff01cf61d562b7c21
MD5: 5fcd6e1dace6b0599429d913850f0364
File size: 24.0 KB ( 24576 bytes )
File name: 239ed753232d3cc0e75323d16d359150937934d30da022628e575997c8dd60a2
File type: Win32 EXE
Tags: peexe
Detection ratio: 16 / 45
Analysis date: 2013-03-21 00:33:17 UTC
AhnLab-V3 Win-Trojan/Agent.24576.JPG 20130320
AntiVir TR/KillMBR.Y.1 20130320
ClamAV Win.Trojan.Agent-257543 20130320
DrWeb Trojan.KillFiles.10563 20130321
Fortinet W32/Pak.ACED1!tr 20130320
Malwarebytes Trojan.MBR.Killer 20130320
McAfee KillMBR-FBIA 20130320
McAfee-GW-Edition Artemis!5FCD6E1DACE6 20130320
NANO-Antivirus Virus.Win32.Gen.ccmw 20130320
nProtect Trojan/W32.Agent.24576.EAO 20130320
PCTools Trojan.Jokra 20130321
Sophos Mal/EncPk-ACE 20130320
Symantec Trojan.Jokra 20130321
TrendMicro TROJ_INJECTO.BDE 20130320
TrendMicro-HouseCall TROJ_INJECTO.BDE 20130321
ViRobot Trojan.Win32.U.KillMBR.24576.A 20130320