Dark Web Escrow Service Explained

gAtO FoUnD - this dark marketplace website -Nucleus- they explain their escrow service policy, and I wanted to pass it along so we can all learn how the dark plays. Now remember that this is only one dark website's version. Each marketplace has a different version and flavor of its escrow policy. Bottom line: you're trusting two unknown people and Bitcoin transactions are final – so think and learn. Another marketplace, Evolution, closed down with 12 million in Bitcoin escrow and the admin disappeared – happily ever after. - gAtO OuT

Okay, there seems to be an insane amount of bad finalizing practices on the market – let's lay this out.

Escrow – You give your money to a 3rd party (Nucleus) – This proves to the vendor you have the funds available, they ship product. You receive the item, and when you finalize, Nucleus gives your funds to the vendor. You prove you have money, vendor proves they have product, Nucleus proves the transaction was agreed to and turns the money over.

In the event of a dispute where escrow is involved, Nucleus agrees to mediate, acting as an unbiased 3rd party. If the vendor can prove they sent the product through tracking information or some other means, or offers a reshipment which you choose to accept, etc., Nucleus releases the funds to the Vendor. If the Vendor cannot prove they shipped the product, or no remedy is found to the customer's dispute, the funds are returned to the Customer.
Nucleus also offers a percentage-based refund, where the customer can ask for a smaller portion of the price returned. This is useful for situations where, for example, a customer places an order for 50 units of an item and only 25 units are delivered, etc. – In the example here, the customer would ask for a 50% refund.

To prevent vendors waiting an excessively long time for funds if a customer should fail to log on or forget to finalize, Nucleus provides a timer on each order which releases the funds to the vendor when it runs out. The customer should note this timer, or auto-finalize feature, and take measures to file an appropriate dispute before it expires. Often, the mail runs slow, and vendors usually like to be optimistic in their advertising, so occasionally the timer will run out before a product has arrived, despite the vendor having actually sent the product. In these cases, the customer can send an order to reclamations by filing a dispute, which will stop the autofinalize timer until the product arrives. When the product arrives, the customer should select 0% in the refund request field, and the vendor will accept this offer releasing the funds.

FE or Finalize Early – You release the funds directly to the vendor, the vendor ships the product. Nucleus is not holding your money in escrow, therefore, in the case of a dispute, a refund is asked directly from the vendor. Vendors often have legitimate reasons for needing the money before delivery, including but not limited to:
- Customer wants more of a product than is readily available on hand, but the vendor can easily and reliably obtain that amount of product if provided the funds.
- Vendor has an arranged middle-man product with another vendor. Typically, vendors are able to move product at a faster rate than normal customers, so vendors will work out a mutual agreement amongst each other to provide a discount for driving referral business.
- Order is deemed by vendor to be excessively risky due to international shipments, customs, etc. In this instance, vendors inform the customer of the risks involved and usually agree to keep and share tracking information with the customer.
Often, vendors will offer extra products or discounts for early finalization.

In the event of a dispute where escrow is NOT involved, Nucleus is not liable or required to provide mediation for the dispute, and the customer should address the issue with the vendor directly. HOWEVER, the customer SHOULD report any failure to deliver product to Nucleus staff, because if a pattern of failure to deliver, bad information, etc. begins to appear, Nucleus staff can take appropriate measures to remove the repeat offender from the market.

It is VERY important that customers fully understand their agreement with the vendor and Nucleus, and take appropriate measures to protect their money and not get ripped off. Due to the anonymous nature of the darknet, there is very little culpability or repercussions for scamming innocent people. Scammers are here to mislead and deceive, and will take your money without thinking twice, and if you have released the funds to the vendor, Nucleus will not be able to help you get them back.


Tracking Bitcoins in the Dark Web

Tracking Bitcoins – Notes: Follow the Money //-Bitcoin 

gAtO lOoKiNg - at what data points I need to track Bitcoin transactions in the Dark Web to find answers. These are my notes on just one website: if I track the transactions backwards I can find donors and people paying for their service, malware and other such crimes; if I take the transactions forward in time I can find the main wallets that the bad guys use and, who knows – just one mistake and we have an IP address to track the wallet. I only tracked this a few levels and found 2 large wallets that they use, and they are very active. I have my own Blockchain tool, but blockchain.info will do; chain.com or blockexplorer.com will give you the same answers – I'd rather keep my queries private, so I have my own Blockchain tool. Next comes using visualization tools to map this out graphically for a better view. This is for education and research purposes – gAtO oUt

My target is a Russian site called Rutor – forum type

Data Points:

Incoming TimeStamps – Transactions – Total Received – Final Balance – Hash 160

Outgoing will track the Big Wallets –

Outgoing TimeStamps – Transactions – Total Received – Final Balance – Hash 160

Forward Taint Analysis – Branch

Bitcoin mapped to the Dark Web

It has a Donation Bitcoin address – 1E7JXT4jVJxdED9B2XDcGXk3CKvfjkypvM – so I tracked it down and found that it sent MOST of its donations to 1Boerin5zj8LvC25ehNTDRGsD3ybF2TUA5. Now when I track that one down, it’s looking like a major Russian site with over 155 Bitcoins, with the last transaction on 2-28-2015.

Now we can focus on 1Boerin5zj8LvC25ehNTDRGsD3ybF2TUA5, look at all transactions, and plot them all, incoming and outgoing; this will give us targets to follow bad major actors. Now we can focus on WHO they SENT their funds to and WHO DONATED to them. But we backtrack one more layer and find that they sent a lot to this wallet address:

1NtHN8Tx7MSGZ3XNx5iyNSRqsmQVnb3Ab6 —7,204 transactions 2015-03-03 17:06:41    – 2014-08-06 15:22:59

They still have other wallets – 1GJq5nqAgZDDM3rWfobhJXDf1AEQtkYEPz –   34 transactions

Address 1NtHN8Tx7MSGZ3XNx5iyNSRqsmQVnb3Ab6
Hash 160 f00d8406e59a45ab7e97c0b04db7f9429ebb301d
No. Transactions
Total Received 2,080.69607184 BTC
Final Balance 304.3742092 BTC

Russian Rutor – http://xuytcbrwbxbxwnbu.onion/forums/

Main Bitcoin Address 1E7JXT4jVJxdED9B2XDcGXk3CKvfjkypvM

Address 1E7JXT4jVJxdED9B2XDcGXk3CKvfjkypvM
Hash 160 8fcac294e22adeae7593423548491f35898b09f2
No. Transactions 19
Total Received 1.63527533 BTC
Final Balance 0.00080742 BTC

Forward Taint Analysis 1E7JXT4jVJxdED9B2XDcGXk3CKvfjkypvM
Reversed Taint is the % of funds sent from an address which passed through another address.

This page shows the addresses which have received bitcoins from 1E7JXT4jVJxdED9B2XDcGXk3CKvfjkypvM. The greater the taint the stronger the link between the addresses.
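The data points listed in these notes and the forward-taint idea, worked through as an added example (this is not the author's own Blockchain tool and not blockchain.info's algorithm). It assumes a simplified address-level model in which every address forwards what it spends in proportion to its outgoing amounts; the ledger, the address labels and all function names are constructed for illustration.

```python
from collections import defaultdict
from decimal import Decimal

# Constructed sample ledger, NOT real chain data: (timestamp, sender, receiver, BTC).
# Labels such as "donation" and "hub" stand in for real addresses.
LEDGER = [
    ("2015-01-05 10:00:00", "donor_a", "donation", "0.60"),
    ("2015-01-09 12:30:00", "donor_b", "donation", "0.40"),
    ("2015-01-12 08:15:00", "donation", "hub", "0.80"),
    ("2015-01-14 19:45:00", "donation", "side", "0.20"),
    ("2015-01-20 07:00:00", "customer", "hub", "3.20"),
    ("2015-01-25 16:20:00", "hub", "big_wallet", "3.00"),
    ("2015-01-27 09:10:00", "hub", "cashout", "1.00"),
    ("2015-02-02 11:05:00", "cashout", "donation", "0.10"),  # cycle back to the start
]


def load(ledger):
    """Parse amounts as Decimal so satoshi-level values are not rounded."""
    return [(ts, src, dst, Decimal(amt)) for ts, src, dst, amt in ledger]


def data_points(txs, address):
    """Per-address data points from the notes: timestamps, count, received, balance."""
    incoming = [t for t in txs if t[2] == address]
    outgoing = [t for t in txs if t[1] == address]
    stamps = sorted(t[0] for t in incoming + outgoing)
    received = sum((t[3] for t in incoming), Decimal(0))
    sent = sum((t[3] for t in outgoing), Decimal(0))
    return {
        "transactions": len(incoming) + len(outgoing),
        "first_seen": stamps[0] if stamps else None,
        "last_seen": stamps[-1] if stamps else None,
        "total_received": received,
        "final_balance": received - sent,
    }


def senders_to(txs, address):
    """Backward step: who paid this address, and how much in total."""
    totals = defaultdict(Decimal)
    for _, src, dst, amt in txs:
        if dst == address:
            totals[src] += amt
    return dict(totals)


def forward_taint(txs, source, max_hops=3):
    """Fraction of the source's spent funds that passed through each address.

    Simplified model (an assumption of this example): shares are split in
    proportion to outgoing amounts, ignoring transaction order.
    """
    out_edges = defaultdict(lambda: defaultdict(Decimal))
    received = defaultdict(Decimal)
    for _, src, dst, amt in txs:
        out_edges[src][dst] += amt
        received[dst] += amt
    taint = defaultdict(Decimal)

    def walk(addr, share, path, hops):
        total_sent = sum(out_edges[addr].values(), Decimal(0))
        if hops == 0 or total_sent == 0:
            return
        # An intermediate address only passes on the part it actually spent.
        if addr != source and received[addr] > 0:
            share *= min(Decimal(1), total_sent / received[addr])
        for dst, amt in out_edges[addr].items():
            if dst in path:  # funds returning to an address already on this path
                continue
            passed = share * amt / total_sent
            taint[dst] += passed
            walk(dst, passed, path | {dst}, hops - 1)

    walk(source, Decimal(1), {source}, max_hops)
    return dict(sorted(taint.items(), key=lambda kv: kv[1], reverse=True))


if __name__ == "__main__":
    txs = load(LEDGER)
    print(data_points(txs, "donation"))
    print("paid into hub:", senders_to(txs, "hub"))
    for address, share in forward_taint(txs, "donation").items():
        print(f"{address:12s} {share * 100:.4f}%")
```

The cycle entry mirrors what the explorer output in these notes shows: the two tracked addresses each appear in the other's taint list, so a tracer has to stop when funds loop back.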


Forward Taint Analysis 1Boerin5zj8LvC25ehNTDRGsD3ybF2TUA5
Reversed Taint is the % of funds sent from an address which passed through another address.

This page shows the addresses which have received bitcoins from 1Boerin5zj8LvC25ehNTDRGsD3ybF2TUA5. The greater the taint the stronger the link between the addresses.



Bitcoin Address: Addresses are identifiers which you use to send bitcoins to another person.

Address 1Boerin5zj8LvC25ehNTDRGsD3ybF2TUA5
Hash 160 7683fe644e422fb5eb188f4b5f88acf8c22609dc
No. Transactions
Total Received 153.42158471 BTC
Final Balance 0.00000001 BTC



Bitcoin 2.0 and the Segway Bike

gAtO Imagine – some of the business side applications we can build with future triggered events being executed by Autonomous Cyber Robots. All built on the basic Bitcoin 1.0 code, but not using the coins but the blockchain – there be treasure in that blockchain but it’s all math ugh!!!.


Ok first what is Bitcoin 2.0? Basically it’s a new way to have a cyber robot or a cyber drone that can do what you instruct them to do. It is a timestamp triggered event and you can now just add business rules to it that will work in cyberspace.

What do you do online today?

  • Shop for things and have them delivered
  • Online banking
  • Buy and sell stocks and bonds
  • Send donations to Charities or political organizations

So now you can build cyber-business rules to be executed on the web and put them into one of these cyber robots or cyber drones. I use these 2 terms because when people hear drones they think attacks and such, and yes, you can now build digital FINANCIAL warriors that can execute based on events, millions of them, and they can be used for good and evil.

timeStamp- or -blockchain-trigger event – robots with business rules- example//

  • Send 100 Bitcoins to my family every 6 months after I die.
  • Buy or sell stocks ambiguously  – Digital Business Contracts – or Personalities
  • Any transaction that can be performed on the web!
  • Set up a corporation by Ethereum digital actors
  • Any business rule that can be executed digitally

gAtO lOvE Ethereum //= it is a platform and a programming language that makes it possible for any developer to build and publish next-generation distributed applications. https://www.ethereum.org/  Next Generation Smart Contracts and a Decentralized Application Platform. Non-geek cyber-business rules OK…

GAtO used to lug around an Osborne luggable computer… 1.0 laptops – but gAtO was cool aligning 10MB (yes 10 Mega Bytes) hard drives the size of a large home freezer. The good old computer days… Out of hardware back to Biz -mEoW

MasterCoin – The Master Protocol facilitates the creation and trading of smart properties and user currencies as well as other types of smart contracts. Mastercoins serve as the binding between bitcoins (BTC), smart properties and smart contracts created on top of the Mastercoin Protocol. Non-geek cyber-business rules OK…

Similar Alt-coins but both the same (going after the business side) in a way, but these seem to be a new wave of Bitcoin 1.0 offshoots. Now NameCoin and Trusted coin are on a different course, since they are more into the digital Notary service that can be done with any blockchain type Bitcoin offshoot. And LiteCoin, 84 Million -versus- 21 Million in Bitcoins, another fight but of a different financial play on this alt-coin. LiteCoin is around $10 bucks per, so we have to keep an eye on them too.

Once again these other developments are being built on the shoulders of the great Satoshi Nakamoto’s work. GaTo as a technologist loves all these new and exciting toys to play with. Then I think about the Segway Bike, I always wanted one, but then again really, am I really ready to give up walking? Back in 2001 it was so cool, it was the evolution of the bicycle or was it???

13 years later this evolution, the revolution of the bicycle, is seen by most as the Mall Police ride by. Ok maybe in Seattle or San Francisco I can see that but really. Now Bicycle Cops are everywhere, but real cops on a Segway Bike – you know maybe I don’t really want one anymore. But I wonder if I can buy one with Bitcoins? ummm

DogE-Coin is hot with the young bloods as a NEW digital currency that’s taking Reddit and other places by storm- I know gAtOCoin, maybe I’ll start one of my own, there are only about 500 Alt-Coins around and growing, all built on the Bitcoin core code. Bitcoin is only 5 Years Old -Wow- Imagine in another 3-5 years // world wide currencies all over doing different things creating the NEW Cyber-System D-(system) that no government can control, of the people and by the people. Double -Wow

gAtO’s bet is on Bitcoin, simple, it has paid its dues, from an underground play toy to International financial deals like flying to the Moon on Virgin Air, I wonder if I can buy that with Litecoins- you listening Richard Branson I’m mining Namecoin too Richard.

The new Bitcoin business Investors and Incubators are hopping with new Bitcoin 2.0 ideas, but is it different if it’s controlled by the users, not the sole players like the bankers and older financial players. But truth be told these will bring newer workable solutions that will trickle down to the normal person. We must be careful because these new worldwide cyber solutions will have little government controls, so the game is changing and the ability to jump on this but NOT to give up privacy with government toys like TPM – Trusted Computer Platform – yes July 2015 all Windows 8 devices will have TPM 2.0 in control of your devices. The US solution cyber Kill Switch.

At least Apple has not added TPM into its hardware, but they banned Bitcoin -Steve told you to Innovate Apple- But that’s another battle.

You can trust your government spying on you IF you have nothing to hide RIGHT!!! - gAtO oUt

Digital System D-

System D is a slang phrase pirated from French-speaking Africa and the Caribbean. The French have a word that they often use to describe particularly effective and motivated people. They call them débrouillards. To say a man is a débrouillard is to tell people how resourceful and ingenious he is. The former French colonies have sculpted this word to their own social and economic reality. They say that inventive, self-starting, entrepreneurial merchants who are doing business on their own, without registering or being regulated by the bureaucracy and, for the most part, without paying taxes, are part of “l’economie de la débrouillardise.” Or, sweetened for street use, “Systeme D.” This essentially translates as the ingenuity economy, the economy of improvisation and self-reliance, the do-it-yourself, or DIY, economy.



Cyber Illuminati – Prism

gAtO lOcO- I know, conspiracy theories, but this one stopped me cold. I was looking at a newscast and the NSA Prism logo came on, OK Pink Floyd – Dark Side of the Moon rip-off, but something caught my eye – the triangle on the dollar bill and the Prism logo triangle ummmm…. – an all seeing triangle - what everyone tells about the Illuminati logo. If you apply a prism to data - it’s the same thing, you grab all the light/data and filter it down to different data streams, categories - colors. I can see the meaning of the logo for Prism now, wonder how much they paid a no-bid contractor for that logo.

—a new world order – cyberspace —

Then I remember the CISPA fight we had a while back and on one of them it said. “Cyber Intelligence Sharing & Protection Act” that was pretty much the same thing we find now in what Prism does with phone and data collection. So my question is, if Prism has been going on since the Patriot Act and the NSA has been doing this legally.

Why CISPA? Why SOPA? Why PIPA? Come on Prism is legal so why all this data sharing when the government was doing it under our nose. I think what this kid Snowden did was stupid, but it’s his choice and he will live with this one way or another. What he showed us has opened a discussion that I think was needed in the cyber world.

Cyber society is the new norm and we older-people must accept that these young men and women know this technology and how to use it better than we do. Cyberspace belongs to everyone today and I hope we together can change things for the better. But I don’t think the powers that be will give over so easily. Prism is a perfect example of how the cold war mentality has changed with the digital domain becoming more real. We will not recognize the Internet 10 years from now, but if the Illuminate have their way they will be watching us –  gAtO lOcO oUt…



Government use of Cyber Weaponized Exploits

gAtO rEaD- The government is buying hackers’ exploits – not to stop these sophisticated cyber exploits but to use these tools against its own people- they are using the tools to infiltrate computer networks worldwide, leaving behind spy programs and cyber-weapons that can disrupt data or damage systems.

The core problem: Spy tools and cyber-weapons rely on vulnerabilities in existing software programs, and these hacks would be much less useful to the government if the flaws were exposed through public warnings. So the more the government spends on offensive techniques, the greater its interest in making sure that security holes in widely used software remain unrepaired. So your computer is vulnerable and the government knows it and will not disclose this information, but use it against you to place cookies, RATs or other spyware into your computer -maybe- I trust our government don’t you?

If you got nothing to hide, you should not be worried… right????

So our Tax dollars are going to Hackers and cyber criminals that sell these exploits all over the world. As a tax payer I don’t like this part at all. But the worst part is by us taking the lead of cyber offensive cyber tools -example.. Stuxnet – it is a plan book for other countries to do the same. So what we do in cyberspace has become socially acceptable to do in cyberspace and then we bitch about China. I don’t get it – mEoW

Officials have never publicly acknowledged engaging in offensive cyber-warfare, though the one case that has been most widely reported – the use of a virus known as Stuxnet to disrupt Iran’s nuclear-research program – was lauded in Washington. Officials confirmed to Reuters previously that the U.S. government drove Stuxnet’s development, and the Pentagon is expanding its offensive capability through the nascent Cyber Command.

Then you have the Prism disclosure and PoW- US Cyber Agents Disrupt Publication of Popular Al Qaeda Magazine – This means that Obama’s cyber military is potentially capable of more targeted attacks, specified at damaging particular pieces of information or infrastructure. I wonder where they got those vulnerabilities? maybe some bad guys—/

What worries me is as the U.S engages in these attacks our enemies are learning what is acceptable in cyberwar. So we must be careful not to lose the fact that everyone is watching what we do and how we treat cyberspace and other governments will follow, defensive and offensive, they are learning from the best the U.S. Government -gAtO oUt

ref: http://www.reuters.com/article/2013/05/10/us-usa-cyberweapons-specialreport-idUSBRE9490EL20130510






Offensive Cyber Capabilities

Companies Need Offensive Cyber Capabilities

gAtO hEaR - about banks seek U.S Help on Iran Cyberattacks. We hear about cyber attacks in the financial sector, the oil and energy sectors, then Leon Panetta warned perpetrators to cease hacking the US while we have all kinds of sanctions against Iran -/ this is insanity. You’re telling unknown hackers (we suspected Iran) to just stop, or what. What can we do to prevent them from launching cyber attacks against America.

So Iran has only 3 NAT-access points and 1 submarine cable (Al-Faw, Iraq submarine cable)


Then you have all these security people putting up defenses without building a firewall so bad-ass that they cannot do business. If we keep building these defenses it will get to a point where it defeats the purpose of the Internet. So what is the logical next move, offensive cyber weapons and capabilities. We can find these attacks and pinpoint the IP of where they are coming from then all we need is offensive tools to find them and do a seal-team 6 extraction or something like that and get the word out that we will find you and hunt you down.

One little hacker can keep a bank tied up for days in the middle of the desert. They could go after our traffic system, our rail system we know that SCADA is so messed up and in some cases open with default passwords. So we beat our chest like some mad gorilla and hope to scare these hackers.

My friends we must take initiative and find ways to counter these attacks no more just defense and I don’t mean a DDoS attack that can be circumvented. We need to plant Bot-nets on these people’s machines and monitor them and if we have to go physical and bring them to justice. Forget about Iran and let’s just talk about Chinese hacker attacks of our intellectual property. They just deny it and go about planning the next attack. We have seen Skynet where thousands of computers were given a disk wipe and the blue screen of death. Why don’t we do the same to these hackers going after our infrastructure.

We must change our tactics and be a little more aggressive and become real cyber warriors not just defenders but attacking them and destroying their machines, their servers and routers. How about we just monitor the 1 submarine cable and 3 access points in Iran that should lead us to some of these people. The US monitors our own people then we stand by and allow other hostile countries to go and hack us. This is cyber insanity - gAtO OuT



Government Spying on everyone -Thanks Microsoft

gAtO lEaRn - On 01-01-2013 we hear that Microsoft buys Skype and makes changes to allow Police surveillance. Then on 01-07-2013 we hear that a professor at the Warsaw University of Technology, Wojciech Mazurczyk, found a way to insert secret 70 bits of data and add secret information similar to steganography.

Lawful Intercept is what it’s called and we just heard punch – counter-punch from the government. I just posted about corporations and governments using offensive cyber weapons to fight crime, but this looks like just plain old spying on citizens like China, Iraq and Syria do. Skype is owned by Microsoft and we know that Word and other products have back doors for them to snoop and governments to use in criminal cases. I guess they do it the proper way and get a real FISA document to monitor us, its citizens.

mEoW 12-30-2012 our re-elected President Obama signs FISA Warrantless Wiretapping Program. STOP – SAY WHAT. mEoW – Forget about gun control how about the privacy of citizens, are we becoming like China, Iraq and Syria the more I find out about this the crazier it becomes. I hate Skypes but now finding this out NO WAY DUDE-

I did a little digging and I found a document from the Stratfor hack from the LulzBoat crew and this has been on the play board for a long time. More and more governments that play nice with America and Microsoft will have to live with the fact that they are spying on us, the people. I voted for Obama but I’m pretty sure any president would want to be able to justify this abuse of power to monitor its citizens, what gets me is we scream and yell when other countries do it but here we are doing it to ourselves and nobody is talking about this- Hey press wake up. I have nothing to hide but if you do you have been warned – enjoy your government spying on you behind your back - gAtO oUt

Lab Notes:

IT security continues to be the greatest challenge facing government CIOs worldwide. Most experts agree that governments require stronger partnerships between the public and private sectors for both better protection of government IT systems from intruders and for greater visibility into operators’ network traffic to fight crime. However, government systems and intelligence activities constitute a very sensitive information environment. Governments must proceed with caution when forming technology partnerships for hardening their IT network security. Melissa E. Hathaway, who in February 2009 was named to be the Obama Administration’s top cyber security official, points out how

Lawful Intercept


Criminals, predators and hackers now use chats, blogs, webmail and Internet applications such as online gaming and file-sharing sites to hide their communications.


Qosmos provides law enforcement agencies with a powerful solution to identify a target using multiple virtual IDs and intercept all related IP- based communications. Any trigger, such as a “user login = target” initiates intercept of all IP traffic related to the “target.”

Example of recognized applications and protocols

VoIP

Email (POP, SMTP)

Webmail (Gmail, Hotmail, Live Mail, SquirrelMail, Yahoo mail, etc.)

Instant Messaging (Aim, SNM, Skype, Yahoo, Google Talk, QQ, Maktoob, Paltalk, etc.)

Online games (World of Warcraft)

Online classified ads

Audio/Video (H.323, SIP, MGCP, RTP, RTCP, MMSE, RTSP, SHOUTcast, Yahoo Video, MSN Video, SCCP, etc.)

Web applications (Dailymotion, Google, eBay, Google Earth, HTTP, MySpace, Wikipedia, YouTube, etc.)

Example of information extracted

Caller, phone number, called party, duration of call

Webmail login, email address, sender, receiver, subject matter, attached documents

Instant messaging sender, receiver, contact lists and status

Forum login, IP address, MAC address, mobile ID (IMSI, IMEI)

Protocols identified even for unidirectional traffic (e.g. email by satellite).





The deep Dark Web -Book Release

gATO hApPy

AVAILABLE @ AMAZON - http://www.amazon.com/dp/B009VN40DU

AVAILABLE @SmashWords website  @http://www.smashwords.com/books/view/247146

I learned that I hate WORD: – but it’s the general format for publishing  – text boxes- get embedded and you can’t format to EPUB or .mobi or anything – solution after going lOcO gAtO - was copy and paste into txt editor – save as RTF then copy paste back into a new WORD document and then reformat everything from scratch – and copy over the pictures – as you can tell I had fun-..-ugh mEoW F-F-F-F as much fun as a hairball but if it gets the message out “FREEDOM OF SPEECH IN CYBERSPACE” then we have done our job, anyway I hope you read it - Thank you Pierluigi a best friend a security gAtO ever had – gATO oUt

This Book covers the main aspects of the fabulous and dangerous world of “The Deep Dark Web”. We are just two cyber specialists, Pierluigi Paganini & Richard -gAtO- Amores, with one passion and two souls, and we wanted to explain the inner workings of the deep dark web. We have had a long collaboration in this effort to document our findings; we made infiltrations into the dark places inaccessible to many to give you, the reader, a clear vision of the major mystery of the dark hidden web that exists today in the Tor Onion network.

The Web, the Internet, mobile cell devices and social networking have become commonly used words that identify technological components of the daily Internet user’s experience in cyberspace. But how much do we really know about cyberspace? Very, very little, Google / Yahoo / Bing only show us 20% of the Internet, the other 80% is hidden to the average user unless you know where to look.

The other 80% of the Internet is what this book is about, the “Deep Dark Web”, three words with millions of interpretations, a mysterious place on the web, the representation of hell in cyberspace but also the last opportunity to preserve freedom of expression from censorship. Authorities and corporations try to discourage the use of this untapped space because they don’t control it. We the people of the free world control this network of Tor -Onion Routers run by volunteers around the world.

The Deep Dark Web seems to be full of crooks and cyber criminals, it is the hacker’s paradise, where there are no rules, no law, no identity in what is considered the reign of anonymity, but this is also the reason why many persecuted find refuge and have the opportunity to shout to the world their inconvenient truths.

The Deep Dark Web is a crowded space with no references but in reality it is a mine of information unimaginable, a labyrinth of knowledge in the book we will try to take you by the hand to avoid the traps and pitfalls hopefully illuminating your path in the dark.

Cybercrime, hacktivism, intelligence, cyber warfare are all pieces of this complex puzzle in which we will try to make order, don’t forget that the Deep Dark Web has unbelievable opportunity for business and governments, it represents the largest on-line market where it is possible to sell and acquire everything, and dear reader where there is $money$  you will find also banking, financial speculators and many other sharks.

Do you believe that making money in the Deep Web is just a criminal prerogative? Wrong, the authors show you how things work in the hidden economy and what the future perspectives are of its digital currency, the Bitcoin.

This manuscript proposes both faces of the subject, it illustrates the risks but also the legitimate use of anonymizing networks such as TOR, adopted by journalists to send file reports before government agents censor their work.

Here are some questions we may answer:

How many people know about the cyber criminals and their ecosystem in the deep web?

How many have provided information on the financial systems behind the “dirty affairs”? 

How the law enforcement and governments use Dark Web?

Let’s hold your breath and start the trip in the abyss of knowledge to find answers to the above questions. We hope that with this book you can learn something new about – The Deep Dark Web.


Pierluigi Paganini – Cyber Weapons – Cyber Threat Summit 2012

Excellent presentation from Pierluigi at the ICTTF Cyber Threat Summit 2012. Apologies for the microphone problems (some twat in the audience was using a frequency jammer). The rise of Cyber Weapons and relative impact on cyber space. Well worth a watch.

Pierluigi can be found at http://securityaffairs.co/wordpress/ He is the co-author of the new book

The Deep Dark Web – coming soon


Free Bot-Nets Anyone

gAtO wAs - looking for code for bots to see how they work and I want to tell you it’s been kinda easy to find lots of bots…bots, code and DIY kits./ OK [1] below is the list of the Bots I found, downloaded and am playing with to see how they work. Another part of this problem is it’s not just code and DIY kits, but code_mixer is a library that allows you to generate new viruses, undetectable to AV software. I also found different versions of Bots and different types of networks, IRC bots, http_bots, p2p_bots and on top of all this I found all kinds of discussions about how to make them ToR enabled which has been going on for a while. Hiding a sophisticated c&c Bot-Master server in ToR ONION NETWORK IS EASY.

gAtOs –/ bot-net collection /–

I also wanted to know if these bots and code were not just old code stuff- well some is old by Internet years 2009 – that’s a long time in cyber pirate years but polymorphing code works no matter when it was created and it hides viruses and worms really easy from AV systems especially if it’s a new version of the bots. Another thing I wanted to find is STUXNET, DUQU, FLAME SkyWriter and other famous Bots. Well I found samples of these — not just one but hundreds of versions of these bots- and it was easy, I included a list of some of the newer bot codes.[2]…//

Oh I forgot ToR and Bots including STUXNET, DUQU, FLAME SkyWriter and others do run in Tor onion network just check out the – insert date – First seen – Last seen – dates on this list. You may also check out — https://zeustracker.abuse.ch/statistic.php — I found that my builder version showed that I had found Zeus and is the number one version of zeus bot-net.

One easy bot design is to use Tor2Web as a way to access a c&c server in Tor without running Tor on the infected client. The Tor network is getting more popular and people see that they can’t be caught in Tor so they are building lots of new Bots that run all over Tor – p2p and http and they are starting also new places like i2p networks and running bots—/   -gAtO oUt
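A defender's view of the Tor2Web design described above, as an added example that is not part of the original post: a client that reaches a hidden service through a Tor2Web gateway still has to resolve the gateway hostname, so the onion label shows up in ordinary DNS logs. The log format, the sample lines, the onion labels and the two gateway suffixes below are constructed assumptions.

```python
"""Flag DNS lookups that look like Tor2Web gateway access to a hidden service."""
import re

# Assumption: illustrative gateway suffixes; a real deployment maintains its own list.
GATEWAY_SUFFIXES = ("tor2web.org", "onion.to")

# Onion addresses are base32 (a-z, 2-7): 16 characters for v2, 56 for v3.
ONION_LABEL = re.compile(r"^(?:[a-z2-7]{16}|[a-z2-7]{56})$")

# Constructed sample log, one query per line: <timestamp> <client-ip> <qtype> <qname>
SAMPLE_LOG = """\
2012-08-27T10:15:02Z 10.0.0.23 A abcdefghijklmnop.tor2web.org
2012-08-27T10:15:32Z 10.0.0.23 A abcdefghijklmnop.tor2web.org
2012-08-27T10:16:02Z 10.0.0.23 A abcdefghijklmnop.tor2web.org
2012-08-27T10:17:40Z 10.0.0.41 A www.tor2web.org
2012-08-27T10:18:05Z 10.0.0.57 A 234567abcdefghij.onion
2012-08-27T10:19:11Z 10.0.0.41 AAAA www.example.com
2012-08-27T10:20:00Z 10.0.0.23 A ABCDEFGHIJKLMNOP.onion.to.
garbage line
"""


def classify(qname):
    """Return (verdict, onion_label) for one queried name, or (None, None)."""
    name = qname.rstrip(".").lower()
    labels = name.split(".")
    # A bare .onion name in ordinary DNS means a client tried to resolve it outside Tor.
    if len(labels) >= 2 and labels[-1] == "onion" and ONION_LABEL.match(labels[-2]):
        return "onion-leak", labels[-2]
    for suffix in GATEWAY_SUFFIXES:
        if name.endswith("." + suffix):
            # The onion address is the label directly left of the gateway suffix.
            candidate = name[: -len(suffix) - 1].split(".")[-1]
            if ONION_LABEL.match(candidate):
                return "tor2web-gateway", candidate
            return None, None  # e.g. the gateway's own www page
    return None, None


def scan(log_text):
    """Aggregate hits per (client, verdict, onion label); count unparsable lines."""
    hits = {}
    skipped = 0
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            skipped += 1
            continue
        ts, client, _qtype, qname = parts
        verdict, onion = classify(qname)
        if verdict is None:
            continue
        # Keying on the onion label keeps one record even if the client hops gateways.
        rec = hits.setdefault((client, verdict, onion),
                              {"count": 0, "first": ts, "last": ts})
        rec["count"] += 1
        rec["first"] = min(rec["first"], ts)  # same-format ISO timestamps sort as text
        rec["last"] = max(rec["last"], ts)
    return hits, skipped


def repeat_callers(hits, min_count=3):
    """Clients whose lookups of one onion label repeat often enough to look like check-ins."""
    return sorted({client for (client, _v, _o), rec in hits.items()
                   if rec["count"] >= min_count})


if __name__ == "__main__":
    found, bad = scan(SAMPLE_LOG)
    for (client, verdict, onion), rec in sorted(found.items()):
        print(client, verdict, onion, rec["count"], rec["first"], rec["last"])
    print("unparsable lines:", bad)
    print("repeat callers:", repeat_callers(found))
```

A 16-character base32 label can also occur by chance in unrelated hostnames, so hits are leads for triage rather than verdicts.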

[1] the list of Bots and code 

  1. _blackShades_4.8 Net -
  2. Black Pro _LostDoor v5.1
  3. BlackShade 4.8
  4. Blackshades NET v4.2
  5. Blackshades NET v3.8.1
  6. Blackshades_Archive
  7. Botnet Packet
  8. dark_Comet_1342319517
  9. ebookskayla-1
  10. G-Bot_1.7
  11. INCREDULiTY – ClientMesh
  12. ISR Stealer 0.4
  13. KnollKeylogger-1
  14. LostDoor Black Pro v5.1
  15. open source Exploit Pack
  16. optima10_ddos
  17. ProRat_v1.9 SE
  18. Spy-Net v2.7 Final
  19. SpyEye 1.3.45 Loader
  20. spyeye_tutorial
  21. Stuxnet_Laurelai-decompile-dump-2e11313
  22. Ultimate_Spy-Net v2.7 Final
  23. x_1ST-SECTION FILE INFECTOR, library+example,
  24. x_007
  25. x_arclib
  26. x_avp_troj
  27. x_code_mixer
  28. x_dscript
  29. x_eicar
  30. x_http ASM
  31. x_infecting *.HLP files (example/description)
  32. x_m1
  33. x_mistfall
  34. x_Mistfall.ZOMBIE-z10d
  35. x_pgpmorf1
  36. x_pgpmorf2
  37. x_tp_com
  38. x_zhello
  39. ZeuS 2.0.8-1.9
  40. Zeus collection
  41. ZBOT
  42. zeus
  43. ZeuS – experimental
  44. Zeus Analysis Website

—[2] STUXNET, DUQU, FLAME SkyWriter and a few more bots in the wild check out the last seen date…







Flamer Bots  =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=


Checked on VT at 2012-07-25 02:22:38

—DUQU Bot  =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-








—zeus  =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-



—gBot  =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-




—spyeye  =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-


action md5 insert date First seen Last seen nod32 avast kaspersky bitdefender microsoft f_prot_unpacker peid


—AVP  =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-


action md5 insert date First seen Last seen nod32 avast kaspersky bitdefender microsoft f_prot_unpacker peid


—EICAR  =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-


action md5 insert date First seen Last seen nod32 avast kaspersky bitdefender microsoft f_prot_unpacker peid



—mistfall  =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

action md5 insert date First seen Last seen nod32 avast kaspersky bitdefender microsoft f_prot_unpacker peid






—rBot =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

action md5 insert date First seen Last seen nod32 avast kaspersky bitdefender microsoft f_prot_unpacker peid
Checked on VT at 2012-09-10 12:39:43
Scanned at 2012-08-26 04:26:41


—proRAT  =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

action md5 insert date First seen Last seen nod32 avast kaspersky bitdefender microsoft f_prot_unpacker peid

—lostDoor – proRAT kinda  =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-


action md5 insert date First seen Last seen nod32 avast kaspersky bitdefender microsoft f_prot_unpacker peid



—Ultimate_Spy-Net  =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

action md5 insert date First seen Last seen nod32 avast kaspersky bitdefender microsoft f_prot_unpacker peid