lol Zbot With fake digital signture(until 2040)

File: linun.exe
CRC-32: 3b4cac9b
MD4: 078b854463c5c332884f6d3b5623c36d
MD5: 6c1995fdd1e90fb013e6390cf68c3ef4
SHA-1: 588ea8bad35166cb1b13dadcfed2ff2833968d46

lol with Fake Digitale signature
that file need to use internet explorer to download more malwares
this kind (Zbot) yasterday i submit it and update for it
but i see the file created too in application data with another hash and md5
so please add this new version too
and after infect internet explorer lol the file go create C:/test/sample.exe after that injection to lssas.exe like what i test


best regards hicham

[attachment deleted by admin]

Hi hicham0716,

Thanks for reporting. We’ll check this.


i report it yarstday and the team add it in the signature but they add only the orginal file
without add the infection file in C:/test/sample.exe
and the file which i send it
all created by the orginal file which i sent it yasterday
i hope to join comodo tester or malware reaserch team

best regards hicham

Waiting The resultat :slight_smile: