{
	"id": "b1194341-f5f7-4a7d-af97-7386d3ceadf3",
	"created_at": "2026-04-06T00:11:29.622029Z",
	"updated_at": "2026-04-10T03:21:31.025445Z",
	"deleted_at": null,
	"sha1_hash": "97fedac4397c7028e01edffe0d702029809f37d4",
	"title": "March 2010 Opachki Trojan update and sample",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 49949,
	"plain_text": "March 2010 Opachki Trojan update and sample\r\nArchived: 2026-04-05 21:53:28 UTC\r\nMarch 2010 Opachki Trojan update and sample\r\nI already posted a few links for Opachki trojan in November 2009.  Here is an update.\r\n \r\nDownload dropper.exe and dropped rundll32.dll as a password protected archive. Please contact me if you need\r\nthe password\r\nDetails:\r\n2ded7ee112cea2db509ba95dc09fded6  dropper.exe\r\n032e8fced2fbed146c30a47d4989804b  rundll32.dll\r\nOpachki, from (and to) Russia with love  by Bojan Zdrnja - Internet Storm Center Diary\r\nOpachki Link Hijacker Trojan Analysis by Joe Stewart Secure Works\r\nOpachki Trojan Hijacking Web Links by Dennis Fisher Threatpost\r\nTrojan:Win32/Opachki : redirections Google by Malekal_morte\r\nMarch 2010 Virustotal scan results of the available sample. Please note this sample dates to October 2009. Newer\r\nversions and samples will have lower detection rate and may get slightly different names.\r\n File dropper.exe received on 2010.03.07 16:46:50 (UTC)\r\nwww.virustotal.com/analisis/787d0eae3fb29883b8dba9c3bcc00793baa4a54fbad0921d1aee7f5e6ad86907-\r\n1267980410\r\nResult: 37/42 (88.1%)\r\na-squared    4.5.0.50    2010.03.07    Packed.Win32.Krap!IK\r\nAhnLab-V3    5.0.0.2    2010.03.07    Win-Trojan/Krap.31232.K\r\nAntiVir    8.2.1.180    2010.03.05    TR/Crypt.ZPACK.Gen\r\nAntiy-AVL    2.0.3.7    2010.03.05    Packed/Win32.Krap.gen\r\nAuthentium    5.2.0.5    2010.03.06    W32/Trojan2.KMYU\r\nAvast    4.8.1351.0    2010.03.07    Win32:MalOb-R\r\nAvast5    5.0.332.0    2010.03.07    Win32:MalOb-R\r\nAVG    9.0.0.787    2010.03.07    Win32/Cryptor\r\nBitDefender    7.2    2010.03.07    Trojan.Generic.2594388\r\nCAT-QuickHeal    10.00    2010.03.06    Trojan.Krap.ah\r\nComodo    4091    2010.02.28    TrojWare.Win32.Trojan.Agent.Gen\r\nDrWeb    5.0.1.12222    2010.03.07    Trojan.Packed.683\r\neSafe    7.0.17.0    2010.03.04    Win32.Horse\r\nF-Prot    4.5.1.85    2010.03.06    
W32/Trojan2.KMYU\r\nhttp://contagiodump.blogspot.com/2010/03/march-2010-opachki-trojan-update-and.html\r\nPage 1 of 3\n\nF-Secure    9.0.15370.0    2010.03.07    Packed:W32/Tikmis.gen!A\r\nFortinet    4.0.14.0    2010.03.07    W32/Krap.AH\r\nGData    19    2010.03.07    Trojan.Generic.2594388\r\nIkarus    T3.1.1.80.0    2010.03.07    Packed.Win32.Krap\r\nJiangmin    13.0.900    2010.03.07    Packed.Krap.zvc\r\nK7AntiVirus    7.10.990    2010.03.04    Trojan.Win32.Malware.4\r\nKaspersky    7.0.0.125    2010.03.07    Packed.Win32.Krap.ah\r\nMcAfee    5912    2010.03.06    Opachki.a\r\nMcAfee+Artemis    5912    2010.03.06    Opachki.a\r\nMcAfee-GW-Edition    6.8.5    2010.03.07    Trojan.Crypt.ZPACK.Gen\r\nMicrosoft    1.5502    2010.03.07    Trojan:Win32/Opachki.A\r\nNOD32    4922    2010.03.07    Win32/TrojanDropper.Agent.OLQ\r\nNorman    6.04.08    2010.03.07    W32/Crypt.dam\r\nnProtect    2009.1.8.0    2010.03.07    Trojan/W32.Krap.31232.L\r\nPanda    10.0.2.2    2010.03.07    Trj/Zlob.KH\r\nPCTools    7.0.3.5    2010.03.04    Trojan.Generic\r\nPrevx    3.0    2010.03.07    High Risk Cloaked Malware\r\nSophos    4.51.0    2010.03.07    Mal/FakeAV-BX\r\nSunbelt    5780    2010.03.07    Trojan.Win32.Generic!VS\r\nSymantec    20091.2.0.41    2010.03.07    Trojan Horse\r\nTrendMicro    9.120.0.1004    2010.03.07    TROJ_OPACHKI.I\r\nVBA32    3.12.12.2    2010.03.05    BScope.Win32.AntiAV2010\r\nVirusBuster    5.0.27.0    2010.03.06    Trojan.Opachki.EK\r\nAdditional information\r\nFile size: 31232 bytes\r\nMD5...: 2ded7ee112cea2db509ba95dc09fded6\r\n File rundll32.dll received on 2010.03.07 16:55:25 (UTC)\r\nhttp://www.virustotal.com/analisis/8f7684eed8707df29772df1285232df84d2e9be814aced65f3f02c7770632988-\r\n1267980925\r\nResult: 37/42 (88.1%)\r\na-squared    4.5.0.50    2010.03.07    Packed.Win32.Krap!IK\r\nAhnLab-V3    5.0.0.2    2010.03.07    Win-Trojan/Krap.23552.V\r\nAntiVir    8.2.1.180    2010.03.05    TR/PCK.Krap.AH.49\r\nAntiy-AVL    2.0.3.7    2010.03.05  
  Packed/Win32.Krap.gen\r\nAuthentium    5.2.0.5    2010.03.06    W32/Trojan2.KMWX\r\nAvast    4.8.1351.0    2010.03.07    Win32:Malware-gen\r\nAvast5    5.0.332.0    2010.03.07    Win32:Malware-gen\r\nAVG    9.0.0.787    2010.03.07    SHeur2.BMZG\r\nBitDefender    7.2    2010.03.07    Trojan.Renos.OVU\r\nCAT-QuickHeal    10.00    2010.03.06    Trojan.Krap.ah\r\nComodo    4091    2010.02.28    TrojWare.Win32.Krap.ah\r\nDrWeb    5.0.1.12222    2010.03.07    Trojan.Packed.683\r\neSafe    7.0.17.0    2010.03.04    Win32.Horse\r\nF-Prot    4.5.1.85    2010.03.06    W32/Trojan2.KMWX\r\nF-Secure    9.0.15370.0    2010.03.07    Trojan.Renos.OVU\r\nGData    19    2010.03.07    Trojan.Renos.OVU\r\nIkarus    T3.1.1.80.0    2010.03.07    Packed.Win32.Krap\r\nJiangmin    13.0.900    2010.03.07    Packed.Krap.aayt\r\nK7AntiVirus    7.10.990    2010.03.04    Trojan.Win32.Malware.1\r\nKaspersky    7.0.0.125    2010.03.07    Packed.Win32.Krap.ah\r\nMcAfee    5912    2010.03.06    Opachki.a\r\nMcAfee+Artemis    5912    2010.03.06    Opachki.a\r\nMcAfee-GW-Edition    6.8.5    2010.03.07    Trojan.PCK.Krap.AH.49\r\nMicrosoft    1.5502    2010.03.07    Trojan:Win32/Opachki.A\r\nNOD32    4922    2010.03.07    Win32/Opachki.A\r\nNorman    6.04.08    2010.03.07    W32/Smalltroj.UDWN\r\nnProtect    2009.1.8.0    2010.03.07    Trojan/W32.Krap.23552.AZ\r\nPanda    10.0.2.2    2010.03.07    Trj/Zlob.KH\r\nPCTools    7.0.3.5    2010.03.04    RogueAntiSpyware.AntivirusSystemPro\r\nPrevx    3.0    2010.03.07    Medium Risk Malware\r\nSophos    4.51.0    2010.03.07    Troj/Bredo-N\r\nSunbelt    5780    2010.03.07    Trojan.Win32.Generic!BT\r\nSymantec    20091.2.0.41    2010.03.07    Trojan Horse\r\nTheHacker    6.5.1.9.223    2010.03.07    Trojan/Krap.ah\r\nTrendMicro    9.120.0.1004    2010.03.07    TROJ_BREDO.D\r\nVBA32    3.12.12.2    2010.03.05    BScope.Win32.AntiAV2010\r\nVirusBuster    
5.0.27.0    2010.03.06    Trojan.Sisron.BPV\r\nAdditional information\r\nFile size: 23552 bytes\r\nMD5...: 032e8fced2fbed146c30a47d4989804b\r\nThreatexpert report\r\nhttp://www.threatexpert.com/report.aspx?md5=2ded7ee112cea2db509ba95dc09fded6\r\nSource: http://contagiodump.blogspot.com/2010/03/march-2010-opachki-trojan-update-and.html",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"Malpedia"
	],
	"references": [
		"http://contagiodump.blogspot.com/2010/03/march-2010-opachki-trojan-update-and.html"
	],
	"report_names": [
		"march-2010-opachki-trojan-update-and.html"
	],
	"threat_actors": [],
	"ts_created_at": 1775434289,
	"ts_updated_at": 1775791291,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/97fedac4397c7028e01edffe0d702029809f37d4.pdf",
		"text": "https://archive.orkl.eu/97fedac4397c7028e01edffe0d702029809f37d4.txt",
		"img": "https://archive.orkl.eu/97fedac4397c7028e01edffe0d702029809f37d4.jpg"
	}
}