RapidShare used to spread rogueware



Besides the usual spam this morning, along the lines of "very good news . now you can buy new iphone 4 from this site!", I also received an email from someone I know. It was sent to all of his contacts, including me. The message contained only the following URL:


Link to Rapidshare to download a file called "surprise.exe". I have obfuscated the URL for your safety.

It comes as no surprise that this file is actually rogueware, with the name Security Shield. Below you can find an example screenshot of this rogue:


Security Shield rogueware


surprise.exe
Result: 11/42 (26.2%)
MD5: a6af97e7a5fd59c82b4c08a568eae882
VirusTotal
Anubis Report
ThreatExpert Report

When executing the downloaded file (surprise.exe):



Conclusion


Besides arriving from a trusted person, this rogueware is also using Rapidshare as a mirror to spread. The file is named "surprise.exe", which may convince you even further that your friend has just sent you a nice surprise e-card or something similar. After all, you know the person who sent it, so why would it hurt?

The above pictures prove why. I doubt you'd want some rogueware sitting on your computer. The trick is that you should never trust an email which:

- has only a URL in the message
- has crappy spelling and grammar, if there is content in the message
- has been sent out to everyone in the sender's address book
- has been sent from an unknown sender
- promises you can buy something for a very cheap price
- has no subject or a strange subject (e.g. "0 enjoy yourself")
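
The mechanically checkable items from this list can be turned into a small triage script. This is an added example, not code from the original post: the flag names, the recipient threshold, the extension list and the constructed sample message (with `example.invalid` standing in for the obfuscated URL) are all assumptions. The link-to-executable check reflects the "surprise.exe" case described above.

```python
import re
from email import message_from_string
from email.utils import getaddresses

URL_RE = re.compile(r"https?://\S+", re.IGNORECASE)
# Assumption: extensions treated as directly executable on Windows.
EXECUTABLE_EXT = (".exe", ".scr", ".pif", ".com", ".bat")
MANY_RECIPIENTS = 10  # assumed threshold for "sent to the whole address book"

# Constructed sample modelled on the message described in the post;
# example.invalid replaces the real (obfuscated) file-hosting URL.
SAMPLE = (
    "From: friend@example.invalid\n"
    "To: " + ", ".join(f"contact{i}@example.invalid" for i in range(12)) + "\n"
    "Subject: \n"
    "\n"
    "http://example.invalid/files/0000000/surprise.exe\n"
)


def email_red_flags(raw_message):
    """Return the red flags from the checklist that a raw e-mail triggers."""
    msg = message_from_string(raw_message)
    flags = []
    body = ""
    for part in msg.walk():  # use the first text/plain part as the body
        if part.get_content_type() == "text/plain":
            payload = part.get_payload(decode=True) or b""
            body = payload.decode(part.get_content_charset() or "utf-8", "replace")
            break

    urls = URL_RE.findall(body)
    # Nothing left after removing the URLs: the message is only a link.
    if urls and not URL_RE.sub("", body).strip():
        flags.append("url-only-body")
    # A link that points straight at an executable download.
    if any(u.lower().rstrip(".,)>").endswith(EXECUTABLE_EXT) for u in urls):
        flags.append("link-to-executable")
    if not (msg.get("Subject") or "").strip():
        flags.append("no-subject")
    # Count every address in To and Cc.
    recipients = getaddresses(msg.get_all("To", []) + msg.get_all("Cc", []))
    if len(recipients) >= MANY_RECIPIENTS:
        flags.append("mass-mailed")
    return flags


if __name__ == "__main__":
    print(email_red_flags(SAMPLE))
```

Spelling quality, unknown senders and too-good-to-be-true offers are not covered here; they need a dictionary, an address book or content analysis.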

If you have downloaded a program and you are unsure about its intentions, you can always upload it to VirusTotal or another online virus scanner (VirScan, Jotti). Keep in mind that if a file is not detected by any engine, it is not necessarily clean!

Peace out.
