Saturday 31 January 2015

f0xy Malware: "Malware Hides By Using Microsoft BITS Download Service"


Researchers have discovered a malware specimen that uses Microsoft's own download service to hide. The malware, named 'f0xy' by security firm Websense, stands out among other things for its use of the Microsoft Background Intelligent Transfer Service (BITS).

This service uses available bandwidth for downloading files. Many Windows services rely on it, including Windows Update and Windows Defender. According to the researchers, f0xy used the download service to avoid being noticed. Virus scanners would be slower to raise the alarm when they see network requests coming from BITS than they would be for an unknown .exe file. The malware itself was developed to use infected computers to mine digital currency.
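Because downloads made through BITS blend in with Windows Update and Defender traffic, defenders can review the BITS job queue itself. The following is an added example, not code from Websense or the original post: the function name `Find-SuspiciousBitsJob`, the host allowlist, the extension watch list and the sample jobs are all assumptions or constructed values.

```powershell
# Assumed allowlist and watch list; tune both for your environment.
$AllowedHostSuffixes  = @('.windowsupdate.com', '.microsoft.com')
$ExecutableExtensions = @('.exe', '.dll', '.scr', '.ps1', '.bat')

function Find-SuspiciousBitsJob {
    [CmdletBinding()]
    param([Parameter(Mandatory, ValueFromPipeline)] $Job)
    process {
        foreach ($file in $Job.FileList) {
            $uri = $null
            $reasons = @()
            if ([Uri]::TryCreate($file.RemoteName, [UriKind]::Absolute, [ref]$uri)) {
                # Leading dot so 'microsoft.com' matches but 'notmicrosoft.com' does not.
                $remoteHost = '.' + $uri.Host.ToLowerInvariant()
                $allowed = $AllowedHostSuffixes | Where-Object { $remoteHost.EndsWith($_) }
                if (-not $allowed) { $reasons += "host not allow-listed: $($uri.Host)" }
            } else {
                $reasons += 'remote name is not an absolute URI'
            }
            $ext = [IO.Path]::GetExtension($file.LocalName).ToLowerInvariant()
            if ($ExecutableExtensions -contains $ext) { $reasons += "executable target: $ext" }
            if ($reasons.Count -gt 0) {
                [pscustomobject]@{
                    DisplayName = $Job.DisplayName
                    Owner       = $Job.OwnerAccount
                    RemoteName  = $file.RemoteName
                    LocalName   = $file.LocalName
                    Reasons     = $reasons -join '; '
                }
            }
        }
    }
}

# Constructed sample jobs using the property names Get-BitsTransfer returns.
$sample = @(
    [pscustomobject]@{
        DisplayName = 'WU Client Download'; OwnerAccount = 'NT AUTHORITY\SYSTEM'
        FileList = @([pscustomobject]@{
            RemoteName = 'http://download.windowsupdate.com/constructed/update.cab'
            LocalName  = 'C:\Windows\SoftwareDistribution\Download\update.cab' })
    },
    [pscustomobject]@{
        DisplayName = 'constructed-job'; OwnerAccount = 'WORKSTATION\user'
        FileList = @([pscustomobject]@{
            RemoteName = 'http://files.example.net/constructed/sample.exe'
            LocalName  = 'C:\Users\user\AppData\Roaming\sample.exe' })
    }
)
$sample | Find-SuspiciousBitsJob | Format-List
```

On a live host, pipe `Get-BitsTransfer -AllUsers` into the function from an elevated prompt; only the second constructed job is reported here, for both its host and its `.exe` target.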

Hashes:

