Lavasoft Malware Labs Blog
Malware Encyclopedia
Platform: Win32
Type: Worm
Language: C++
Summary
Worm.Win32.Mabezat.b is a polymorphic worm (worm copies or code of the infected files vary due to encrypting and adding random rubbish data) which creates copies of itself on the local drives and shared network resources.
Platform: Win32, DLL
Type: Trojan
Size: 81384 bytes
Packer: UPX
Language: C++
MD5: 03750525C4BC10E36A40733EAEE37216
SHA1: B2A47CAEC704197997AFC5D34B90CA22929FB5BD
Summary
Trojan.Win32.OnLineGames.IZ is a Trojan program designed to steal user passwords to online games and messenger clients.
Platform: Win32
Type: Worm
Size: 32768 bytes
Packer: PE_Patch, PECompact, PecBundle
Unpacked size: 123 KB
Language: Visual Basic
MD5: 5C58E370266F182E6507D2AEF55228E6
SHA1: E43C9BEFF365596525CD28DEBBC572761E4E71D5
Summary
The worm creates copies of itself on the local drives and shared network resources. It also can spread via email.
Platform: Win32
Type: Virus
Size: 176309 bytes
Language: Visual Basic Script
Summary
This virus is designed to install a Trojan on the victim machine without the user's knowledge or consent.
Detect: Virus.Win32.Expiro.nab
Platform: Win32
Type: Virus
Size: 298496 bytes
Language: C++
md5: FF3945214D3CDB38E853749F188630F2
sha1: C22F7716EB50BD5B1284DC11A8DFFA73E1DE50CD
Summary
It is a malware which infects files on the user’s
Detect: Trojan.Win32.PSW.gz
Platform: Win32
Type: Trojan
Size: 61200 bytes
Packed:UPX
Unpacked size: 77072 bytes
Language:C++
Summary
Trojan.Win32.PSW.gz is a Trojan program designed to steal user passwords for online games and messenger clients.
Platform: Win32
Type: Trojan
Size: 15204
Language: JavaScript
Summary
The Trojan downloads other malicious programs. Trojan-Downloader.JS.Agent.nwg is JavaScript Trojan and it may be embedded in the HTML code.
Platform: Win32
Type: Trojan-Downloader
Size: 40960 bytes
Language: Visual Basic
MD5: D71CE1F34931F75AC72B1C9916340C4F
SHA1: D2624E9410349646C04C5B9B6191EB2A555113DC
Summary
Trojan-Downloader.Win32.VB.pqr is a Trojan program which downloads other malicious programs from the Internet without the user's knowledge or consent and launches them for execution.
Platform: Win32
Type: Virus
Size: 212992 bytes
Language: C++
MD5: 08C9FCE3E1EBE443B0BA1B275337F145
SHA1: E25C727262E6DC30BB1EBAB1CD55938C7329E17D
Summary
The malware is a Windows dynamic library infected by a file virus which is able to function as a backdoor program. Attackers may use the malware to steal confidential information as well as download other malicious programs onto the infected PC.
Detect: Virus.Win32.Sality.gen
Platform: Win32
Type: Virus
Size: The virus body size varies depending on a version
Packer: The archived document is of unknown file type
Language: C++
Summary
It is a malicious program which infects files on the PC.
Detect: Virus.Win32.Alman.b
Platform: Win32
Type: Virus
Virus body size: ~38 KB
Summary
It is a malware which infects executable PE-EXE files.
Detect: Trojan.Win32.Sirefef.pm
Platform: Win32
Type: Trojan
md5: 065EFD579429DE85C9A0C55DF7E8CABE
sha1:0a6b40809556199f0e746bf37e7ab29b97c4a90eb84d85360a1caf065c190ca
Summary
It is a malicious software designed to download other malicious programs and install them on the user's PC. It is an NT kernel mode driver.
