2010年3月30日 星期二

FW: NEWSBANK :: Visa Data Security Alert - Key Logger: Key Stroke and Screen Capture


-------------------------------------------
From: Paul Ferguson (RD-US)
Sent: Wednesday, March 31, 2010 1:51:13 PM
To: Juan Castro (SAL-LA)
Cc: Newsbank
Subject: RE: NEWSBANK :: Visa Data Security Alert - Key Logger: Key Stroke and Screen Capture
Auto forwarded by a Rule


Checking…

 

-ferg

 

--

"Fergie", a.k.a. Paul Ferguson

 Threat Research,

 CoreTech Engineering

 Trend Micro, Inc., Cupertino, California USA

 

From: Juan Castro (SAL-LA)
Sent: Tuesday, March 30, 2010 10:48 PM
To: Newsbank
Subject: NEWSBANK :: Visa Data Security Alert - Key Logger: Key Stroke and Screen Capture

 

Hi All,

 

Do we have detections for the binaries mentioned in the Visa security alert?

 

http://usa.visa.com/download/merchants/key-logger-key-stroke-and-screen-capture.pdf?Mar292010

 

Filename

Size

MD5

bpkhk.dll

489,984

35f5478e190cc6614a6a5d4f1f380855

bpk.exe

1,090,560

663267d3ed4af3582ea57ba03fb0da92

bpk.exe

401,408

18bc32bb8a8d5a85cdafad5a4ecc4c73

bpkr.exe

747,520

7231b6c5ca6addd905db7677200833e2

fstsmtp.exe

1,560,661

80ee23ede41504b1a83654334148306f

xxx.exe

Unknown

994ffae187f4e567c6efee378af66ad0

SMTPListener

Unknown

5e289e10a2f3fe6b3080825f5dbf588f

dll32.exe

438,272

bae0fb25bcf05a5da7fde8dce759ee0d

ToolKeylogger

2,007,040

4cf8307cac714fe4f2cbc5d46f5cf243

ToolKeylogger

6,432

3f4ad41f10ec18a7f27f2339ee500dda

 

Regards

 

Juan

 

outbind://12-00000000A1F11A1B688C5340B7B544F7DA8F58E6A42C2B00/cid:171170416@07062007-11FD

 

Juan Pablo Castro | xSP, Latin America Region

Insurgentes Sur 688 P6, 03100 Mexico City, DF, Mexico

Office: +52.55.3067.6013 | Mobile: +52.1.55.1451.3437

 

沒有留言: