Solved

Detected Regin, MD5!?

  • 6 December 2014
  • 16 replies
  • 115 views

Userlevel 7
Badge +37
Hi, for the Regin threat, these are the files' MD5s:

Link from US-CERT
 
 
I checked all these MD5s at this link: "MD5 lookup"

Some of these MD5s show: We have no further information on this file at the moment

Such as these MD5s: bddf5afbea2d0eed77f2ad4e9a4f044d & c053a0a3f1edcbbfc9b51bc640e808ce

Does this mean Webroot does not detect some Regin threat files?

Thank you.
 

Best answer by Rakanisheu Retired 15 December 2014, 11:09


Userlevel 7
Badge +56
Why don't you report it to the Support Inbox? Posting MD5s does nothing here on the Community, and on the weekend.
 
TH :@
Userlevel 7
Badge +37
Oh, I am so sorry.
I am crazy.
Please don't be frustrated...
Userlevel 7
Badge +56
@ wrote:
Oh, I am so sorry.
I am crazy.
Please don't be frustrated...
We are all crazy! 😃 So no worries!
Userlevel 7
Hello,
 
All of those files are bad in our database and have been for a number of weeks.
 
Thanks,
Roy
Userlevel 7
Badge +56
@ wrote:
Hello,
 
All of those files are bad in our database and have been for a number of weeks.
 
Thanks,
Roy
Hi Roy @ we were talking via PM and he checks the MD5's with Webroot here and sees no info? http://snup.webrootcloudav.com/SkyStoreFileUploader/upload.aspx?FOUR=Y&CMD=P40SUBMITFILE&AGENTPROFILE=RFTCWHF&InstanceMID=r89n1860130r5zq403r99z93n614r83r9r0843z01n57rp4005q53pp0p3p35xq2&LIC=FZZ3XPGZZ8406P894Z8X&LANG=pa&VER=17430&CSIPARTNER=7 just to let you know.
 
Thanks,
 
Daniel ;)
 

Userlevel 7
Badge +37
Hi Daniel.
Hi Roy.

Yes, Daniel, true.

I used the Webroot MD5 Lookup address to check the MD5s.
Userlevel 7
Badge +37
Please update this post.
Userlevel 7
Badge +56
@ wrote:
Please update this post.
What is there to update, as Roy already said they are known bad? Or why isn't it working when you upload other MD5s?
 
Daniel
Userlevel 7
Badge +37
Dear Daniel,

Now I am checking these MD5s:
 
and they show: We have no further information on this file at the moment
Userlevel 7
Badge +56
@ wrote:
Dear Daniel,

Now I am checking these MD5s:
 
and they show: We have no further information on this file at the moment
@ will see this on Monday and maybe he will let us know why no info shows up when you upload MD5's via Webroot. http://snup.webrootcloudav.com/SkyStoreFileUploader/upload.aspx?FOUR=Y&CMD=P40SUBMITFILE&AGENTPROFILE=RFTCWHF&InstanceMID=r89n1860130r5zq403r99z93n614r83r9r0843z01n57rp4005q53pp0p3p35xq2&LIC=FZZ3XPGZZ8406P894Z8X&LANG=pa&VER=17430&CSIPARTNER=7#md5
 
Daniel 😉
Userlevel 7
Badge +37
Thank you so much, Daniel. :)

But I have a question.

Security is very, very important and 24/7/365.

Why do support and Webroot threat labs not answer on holidays?
 
Amir
 
Userlevel 7
Badge +56
They do via the Ticket System, and they help the ones that need more help than others; say if someone is infected, they would look after them first, then the next. On the Community it's basically application support by us volunteers on the weekends, and we are happy to do so; that's how much we believe in WSA!
 
Daniel 😉
Userlevel 7
Just to add to what Daniel said, the actual Ticketing system is staffed 24/7 even though the phone number is only active during normal business hours.  The weekends tend to be busier, so it might take a little longer for a reply but you will get a reply.
Userlevel 7
Nobody has seen those files, they have no VT hits, in fact they aren't even in VT. 
Userlevel 7
Badge +37
Dear Roy and Petrovic,

Thank you so much for your answer and for helping me learn new knowledge.

Best regards,
Amir
 
