gone
Bitcoin trojans are a go!
Nerds and their cryptocurrency are soon departed. So it’s no surprise then that viruses and trojans are popping up like weeds.
ThreatExpert just did an analysis on one recent example. Look at the handywork of this guy!
- The following files were created in the system:
# | Filename(s) | File Size | File Hash |
1 | %AppData%\Bitcoin\.lock %AppData%\Bitcoin\db.log |
0 bytes | MD5: 0xD41D8CD98F00B204E9800998ECF8427E SHA-1: 0xDA39A3EE5E6B4B0D3255BFEF95601890AFD80709 |
2 | %AppData%\Bitcoin\addr.dat | 32,768 bytes | MD5: 0x889D8986F64AEF69D2D61BF99B0D42E8 SHA-1: 0x6BC7086BF7845C4F1AF77C4C8A9653A2DF6C8567 |
3 | %AppData%\Bitcoin\blk0001.dat | 293 bytes | MD5: 0xFBA6C2DDB443F778F5CFD55B3CA2AC82 SHA-1: 0x236DCF6F439073ACC6B3BC4FDB134619CC6FF062 |
4 | %AppData%\Bitcoin\blkindex.dat | 32,768 bytes | MD5: 0x34BC471413DCECF942CB3C1DED012D1E SHA-1: 0xF6E9B68316EDF2831605113A1CA55664C1A762BA |
5 | %AppData%\Bitcoin\database\log.0000000001 | 10,000,000 bytes | MD5: 0xD13E23C1624D2F198FDADBA2F9BD6952 SHA-1: 0x45E3752B9F32508FC0C9E9DA007890DB97C3F227 |
6 | %AppData%\Bitcoin\debug.log | 2,454 bytes | MD5: 0x6C9806B2D2F2F1A01ACFA23546B2A22A SHA-1: 0x18D9B26320D1DF1215685B724B4D92EA0A5D7BE7 |
7 | %AppData%\Bitcoin\wallet.dat | 32,768 bytes | MD5: 0xBF0F5C3E805ED07DA5A592AF61851407 SHA-1: 0xADC02A501AB4856A5EC832F9CC66A093007C12FD |
8 | %AppData%\Bitcoin\__db.001 | 24,576 bytes | MD5: 0x1DDEFBC173EADBF98AB3EC4BB72E492B SHA-1: 0x1DBD5BF0AB6C7B442296CAECEBB345F490A0DD87 |
9 | %AppData%\Bitcoin\__db.002 | 507,904 bytes | MD5: 0x4CF247930C14BFECDD819E1EE0E10F67 SHA-1: 0xE8D39BA2AB7D8090A6C92AACD66C11926F5239F0 |
10 | %AppData%\Bitcoin\__db.003 | 270,336 bytes | MD5: 0xD60839A41D6C0BB9DEC441E64F083A3E SHA-1: 0x278FC787C346DDF97876FB93BFC40558C1B28736 |
11 | %AppData%\Bitcoin\__db.004 | 98,304 bytes | MD5: 0xBFE6A246E9F87AAE9622B00E8DE79ACD SHA-1: 0x1AD4796B86BEF477CCB9AEC6172198673B42E24A |
12 | %AppData%\Bitcoin\__db.005 | 4,005,888 bytes | MD5: 0x39AE37C762AE2EE921D9A08D3033715A SHA-1: 0x2146AB7E604F556BCACDE2E4B6F079BD5AA2B871 |
13 | %AppData%\Bitcoin\__db.006 | 49,152 bytes | MD5: 0x75239342D82CB9E7976C2DFE0261829B SHA-1: 0x51515E82B58C29D26014E7C5E5ECF55E882729DB |
14 | [file and pathname of the sample #1] | 4,878,848 bytes | MD5: 0x74E7862A05A7166D2F22DBB74F4025DB SHA-1: 0x917B96C62E0ED680CB592AF951CE6F10F94EA29D |
Looks like we’re going to see a lot of people losing their “money” soon.