Some new malware - a.exe, gop.exe etc
We have some "new" malware this time, ranging from trojans to rootkits. One of them is a trojan which is detected by some of the AVs as Trojan.Shadu. The dropped file is named a.exe. More information about this can be obtained here.
Another one is a trojan which drops a rootkit. The trojan dropper drops a file named Gop.exe, which installs a rootkit. AntiVir detects it as TR/Small.DBY.DB. The rootkit driver that's installed by Gop.exe is named vdo_4e2b-928.sys (generally, it will be named vdo_[random_numbers]-[random_numbers].sys) and belongs to the Win32.Tibs family. More information about this can be obtained here.
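
A triage sketch for the file names above, added here as an example and not part of the original post: it checks a file listing for the vdo_*-*.sys driver pattern and the two dropper names. The hex-digit character class, the function names and the sample paths are assumptions made for illustration.

```python
import ntpath
import re

# Assumption: the "random numbers" are hex digits, since the sample name on
# the page (vdo_4e2b-928.sys) contains the letters e and b. Field lengths are
# not given on the page, so any non-empty run is accepted.
TIBS_DRIVER_RE = re.compile(r"vdo_[0-9a-f]+-[0-9a-f]+\.sys", re.IGNORECASE)

# Dropper file names as given on the page. Names this generic are weak
# indicators on their own, so they are reported separately from the driver.
DROPPER_NAMES = {"a.exe", "gop.exe"}


def classify(path):
    """Return 'driver', 'dropper-name' or None for a Windows path."""
    name = ntpath.basename(path.strip())
    if TIBS_DRIVER_RE.fullmatch(name):
        return "driver"
    if name.lower() in DROPPER_NAMES:
        return "dropper-name"
    return None


def triage(paths):
    """Group matching paths by indicator type, preserving input order."""
    hits = {"driver": [], "dropper-name": []}
    for p in paths:
        kind = classify(p)
        if kind:
            hits[kind].append(p.strip())
    return hits


# Constructed sample listing (not taken from a real system).
SAMPLE = [
    r"C:\WINDOWS\system32\drivers\vdo_4e2b-928.sys",
    r"C:\WINDOWS\system32\drivers\VDO_0A1F-77c.SYS",
    r"C:\WINDOWS\system32\drivers\vdo_setup.sys",
    r"C:\WINDOWS\system32\drivers\video.sys",
    r"C:\Documents and Settings\user\Local Settings\Temp\Gop.exe",
    r"C:\tools\data.exe",
]

if __name__ == "__main__":
    for kind, found in triage(SAMPLE).items():
        for p in found:
            print(kind, p)
```

A name match only marks a file for closer inspection; confirm with a scanner verdict or hash before treating it as the Tibs driver.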