New Update about ( Ilomo, Clomp-A Trojan ) Detected from Microsoft and Sophos AV systems

July 12, 2009 by admin  
Filed under Security News



 

Today we found that Microsoft and Sophos AV systems detected the ( Ilomo, Clomp-A Trojan ), as we see in the report from VirusTotal, but ( McAfee, Symantec and Kaspersky ) didn't detect it yet:

 


File Copy_of_service.exe received on 2009.07.11 22:50:15 (UTC)
Antivirus Version Last Update Result
a-squared 4.5.0.18 2009.07.11 Trojan.Win32.Ilomo!IK
AhnLab-V3 5.0.0.2 2009.07.11 -
AntiVir 7.9.0.204 2009.07.11 -
Antiy-AVL 2.0.3.1 2009.07.10 -
Authentium 5.1.2.4 2009.07.11 -
Avast 4.8.1335.0 2009.07.11 Win32:Fraudo
AVG 8.5.0.387 2009.07.11 -
BitDefender 7.2 2009.07.12 -
CAT-QuickHeal 10.00 2009.07.10 (Suspicious) - DNAScan
ClamAV 0.94.1 2009.07.11 -
Comodo 1619 2009.07.11 -
DrWeb 5.0.0.12182 2009.07.11 -
eSafe 7.0.17.0 2009.07.09 -
eTrust-Vet 31.6.6608 2009.07.10 -
F-Prot 4.4.4.56 2009.07.11 -
F-Secure 8.0.14470.0 2009.07.11 -
Fortinet 3.120.0.0 2009.07.11 -
GData 19 2009.07.12 Win32:Fraudo
Ikarus T3.1.1.64.0 2009.07.11 Trojan.Win32.Ilomo
Jiangmin 11.0.706 2009.07.11 -
K7AntiVirus 7.10.790 2009.07.11 -
Kaspersky 7.0.0.125 2009.07.11 -
McAfee 5673 2009.07.11 -
McAfee+Artemis 5673 2009.07.11 -
McAfee-GW-Edition 6.8.5 2009.07.11 -
Microsoft 1.4803 2009.07.11 Trojan:Win32/Ilomo.gen!A
NOD32 4235 2009.07.11 -
Norman 6.01.09 2009.07.10 -
nProtect 2009.1.8.0 2009.07.11 -
Panda 10.0.0.14 2009.07.11 -
PCTools 4.4.2.0 2009.07.11 -
Prevx 3.0 2009.07.12 -
Rising 21.37.52.00 2009.07.11 -
Sophos 4.43.0 2009.07.11 Mal/Clomp-A
Sunbelt 3.2.1858.2 2009.07.11 Trojan.Win32.Ilomo!IK
Symantec 1.4.4.12 2009.07.12 -
TheHacker 6.3.4.3.365 2009.07.11 -
TrendMicro 8.950.0.1094 2009.07.10 -
VBA32 3.12.10.8 2009.07.11 -
ViRobot 2009.7.11.1831 2009.07.11 -
VirusBuster 4.6.5.0 2009.07.11 -
Additional information
File size: 509440 bytes
MD5...: 806b6e935eaa8923427408be5b1e11bf
SHA1..: e640681e1704941cd8ca02bc93fc45905868f069
SHA256: 88901a193da2c24412e78d57be0df3e3a147a142d3b565e9be3f7563bf7db790
ssdeep: 12288:LIFZ7RSkZQTjLyP35ZKGdbFKNdBOER8x9HzogQy+:LIMkqTjM5jdbKt6Hx
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x1f82
timedatestamp.....: 0x43517510 (Sat Oct 15 21:30:56 2005)
machinetype.......: 0x14c (I386)

( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x27a8 0x2800 6.80 e24411d0d235db6a8e6edb6174eda970
.rdata 0x4000 0xc4a 0xe00 4.67 22f7a9b4c70d2946d76ecb83bad3bfee
.reloc 0x5000 0x6c160 0x6c200 8.00 eeea2f2f2b52b4dc9532237f9e7dcf1b
.bss 0x72000 0xc812 0xca00 6.57 7343c2addd9950b0be066b8251e804f2

( 8 imports )
> WININET.dll: InternetGetConnectedState, InternetReadFile, InternetCrackUrlA, GopherCreateLocatorA, InternetSetStatusCallback, HttpSendRequestA, InternetQueryOptionA, HttpOpenRequestA, HttpSendRequestExA, FtpCreateDirectoryA, FtpRemoveDirectoryA, InternetCloseHandle, InternetQueryDataAvailable, InternetWriteFile, HttpEndRequestA, InternetCanonicalizeUrlA, HttpAddRequestHeadersA, HttpSendRequestW
> WS2_32.dll: -, -, -, -
> KERNEL32.dll: LoadLibraryA, GetDateFormatW, lstrcatW, VirtualAlloc, GetFileSize, CreateDirectoryW, LocalFree, GetTickCount, CreateFileW, GetProcAddress, GetTimeFormatW, Sleep, MultiByteToWideChar, GetLastError, GlobalFree, QueryPerformanceCounter, GetModuleHandleW, SetEndOfFile, GlobalAlloc, GlobalLock, lstrcmpW, GetProfileIntW, GetThreadLocale, GetCurrentProcessId, GetModuleHandleA
> USER32.dll: DefWindowProcW, LoadMenuW, UpdateWindow, DestroyWindow, MapWindowPoints, SetRectEmpty, GetClientRect, EnableWindow, GetSysColor, GetDesktopWindow, DeleteMenu, WinHelpW, PeekMessageW, GetDlgItemInt, RegisterClassExW, GetSubMenu, GetSystemMetrics, IsClipboardFormatAvailable, KillTimer, SetCapture, MessageBeep, EqualRect, DeferWindowPos, SetClassLongW, GetWindowLongW, GetDlgItem, GetWindow, SetTimer, MessageBoxW, SetCaretPos, PostQuitMessage, ModifyMenuW, InvalidateRect, EndPaint, IsWindow, GetMenuItemInfoW, SetWindowTextW, GetProcessDefaultLayout, PtInRect, DestroyMenu, GetWindowPlacement, FillRect, ShowCaret
> GDI32.dll: CreateBitmap, GetDIBits, Ellipse, SelectPalette, StretchBlt, SetROP2, EndDoc, PatBlt, GetTextExtentPoint32W, CreatePalette, SelectClipRgn, GetTextMetricsW, CreateCompatibleDC, RealizePalette, EnumFontFamiliesW, SetBkColor, SetBkMode, SetViewportOrgEx, GetPixel, Polyline, CreateICW
> COMDLG32.dll: ReplaceTextA
> ADVAPI32.dll: RegCloseKey
> OLEAUT32.dll: -, -, -, -, -

( 0 exports )

PDFiD.: -
RDS...: NSRL Reference Data Set
-
packers (Kaspersky): PE_Patch



Comments

One Response to “New Update about ( Ilomo, Clomp-A Trojan ) Detected from Microsoft and Sophos AV systems”
  1. aldo says:

    Well good… I like it when free is better than paid :D
