DOS NUEVAS VARIANTES DE BITCOINMINER en ficheros READER.EXE

A partir del ELISTARA 28.93 de hoy pasamos a controlar otras dos variantes del BITCOIN MINER
Los preanalisis de virustotal ofrecen estos informes:
MD5 56e353ced9c205d63a5743b61376f217
SHA1 2a0069f6916850189c960a2f4ee760553ad9fb0c
File size 177.5 KB ( 181760 bytes )
SHA256: 8dd6cc835e6d1aa7b8f043fe4e39ffe8d73e255735b7dfdd6faec069d09e8658
Nombre: reader(1).exe
Detecciones: 29 / 47
Fecha de análisis: 2013-12-09 16:08:40 UTC ( hace 0 minutos )

0 1

Antivirus Resultado Actualización
Ad-Aware Trojan.GenericKD.1435570 20131209
Agnitum Trojan.Foreign!XIkVqPzTegQ 20131207
AhnLab-V3 Trojan/Win32.Foreign 20131209
AntiVir TR/Rogue.1435570 20131209
Antiy-AVL Trojan/Win32.Foreign.gen 20131209
Avast Win32:Dropper-gen [Drp] 20131209
AVG  20131209
Baidu-International Trojan.Win32.Ransom.AJgn 20131209
BitDefender Trojan.GenericKD.1435570 20131209
Bkav  20131209
ByteHero  20131127
CAT-QuickHeal  20131209
ClamAV  20131209
Commtouch  20131209
Comodo  20131209
DrWeb BackDoor.Pigeon1.8416 20131209
Emsisoft Trojan.GenericKD.1435570 (B) 20131209
ESET-NOD32 Win32/CoinMiner.FN 20131209
F-Prot  20131209
Fortinet W32/Foreign.JPDS!tr 20131209
GData Trojan.GenericKD.1435570 20131209
Ikarus Trojan-Ransom.Win32.Foreign 20131209
Jiangmin  20131209
K7AntiVirus Riskware ( 0040eff71 ) 20131209
K7GW Riskware ( 0040eff71 ) 20131209
Kaspersky Trojan-Ransom.Win32.Foreign.jpds 20131209
Kingsoft  20130829
Malwarebytes Trojan.Ransom 20131209
McAfee RDN/Ransom!dw 20131209
McAfee-GW-Edition Artemis!56E353CED9C2 20131209
Microsoft VirTool:Win32/Injector.CI 20131209
MicroWorld-eScan Trojan.GenericKD.1435570 20131209
NANO-Antivirus  20131209
Norman Suspicious_Gen4.FLVZK 20131209
nProtect  20131209
Panda Generic Malware 20131209
Rising  20131209
Sophos  20131209
SUPERAntiSpyware Trojan.Agent/Gen-Cryptor[Virut] 20131209
Symantec Downloader 20131209
TheHacker  20131209
TotalDefense  20131206
TrendMicro TROJ_GEN.F0C2C00L613 20131209
TrendMicro-HouseCall TROJ_GEN.F0C2C00L613 20131209
VBA32  20131209
VIPRE Trojan.Win32.Generic!BT 20131209
ViRobot  20131209

y el otro:

MD5 0a5686bf2d2f01813fa4fe8d90876a6a
SHA1 903704c658f4032d1cf5aa7e33b96877b62ea0e0
File size 124.0 KB ( 126976 bytes )
SHA256: 1da8ea34749e50ed200651a7eaea5c540d2cb2c6fef441b37d76e68802346f63
Nombre: reader(2).exe
Detecciones: 8 / 47
Fecha de análisis: 2013-12-09 16:12:43 UTC ( hace 0 minutos )

0 1

Antivirus Resultado Actualización
Ad-Aware  20131209
Agnitum  20131207
AhnLab-V3 Dropper/Win32.FrauDrop 20131209
AntiVir  20131209
Antiy-AVL  20131209
Avast Win32:Malware-gen 20131209
AVG  20131209
Baidu-International  20131209
BitDefender  20131209
Bkav  20131209
ByteHero  20131127
CAT-QuickHeal  20131209
ClamAV  20131209
Commtouch  20131209
Comodo  20131209
DrWeb Trojan.DownLoader9.22851 20131209
Emsisoft  20131209
ESET-NOD32 a variant of Win32/Injector.ATAH 20131209
F-Prot  20131209
Fortinet  20131209
GData  20131209
Ikarus  20131209
Jiangmin  20131209
K7AntiVirus  20131209
K7GW  20131209
Kaspersky Trojan.Win32.Badur.fryr 20131209
Kingsoft  20130829
Malwarebytes Trojan.Agent.ED 20131209
McAfee  20131209
McAfee-GW-Edition  20131209
Microsoft  20131209
MicroWorld-eScan  20131209
NANO-Antivirus  20131209
Norman  20131209
nProtect  20131209
Panda  20131209
Rising PE:Malware.Obscure/Huer!1.9E03 20131209
Sophos  20131209
SUPERAntiSpyware  20131209
Symantec  20131209
TheHacker  20131209
TotalDefense  20131206
TrendMicro  20131209
TrendMicro-HouseCall TROJ_GEN.F47V1208 20131209
VBA32  20131209
VIPRE  20131209
ViRobot  20131209

Dicha version del ELISTARA 28.93 que los detecta y elimina, estará disponible en nuestra web a partir de las 19 h CEST de hoy

saludos

ms, 9-12-2013