«
»

New Mac OS X Jahlav variant

August 6th, 2009

Yet another domain pushing a new MD5 of the Jahlav Trojan for Mac OS X.

fa1

tdenuwas.com/download/78384e3034413d3db727515620090801/QuickTimeUpdate.dmg

Actually several domains on the same IP (91.214.45.73) are hosting the malware:

allincorx.com

bigdron.com

cikaredo.com

civilizxx.com

comeandtryx.com

deribrowns.com

draxxtermania.com

givendream.com

hitrowzone.com

jumborad.com

ltdkeeper.com

operationelx.com

oxxadox.com

paxxtiger.com

rednetx.com

rstdeals.com

simplexdoom.com

sinisteer.com

tniredrum.com

ufapeace.com

Only 3 vendors on Virus Total are detecting this threat:

Kaspersky, F-Secure and Sophos.

vt1

Jerome Segura

Malware ID: 7424683a943171a92d2b281da41fec9e.zip

ParetoLogic, a Microsoft Certified Partner

 

RSS feed to this site Twitter Linkedin YouTube Channel

 

RSS feed to this site
Jerome Segura is a Security Analyst working at ParetoLogic.

You can contact him at:
MalwareDiaries Email

 

Pages




Security Software




Malware Top 10




Archives




Categories
 
 
 

© 2010 ParetoLogic Inc.