Fake Windows Media Player!
Here's a rogue website which fakes Windows Media Player. This time, gang behind these websites has given good amount of attention-to-detail for their fake Windows Media Player. This fake player initially tries to "search" for codecs in
update.microsoft.comand then offers a codec (fake, obviously!) for download. Here are some of the screenshots of fake player:
The codec is named as Megazcodec and is hosted at
http://megazcodec.com. Megazcodec is yet another Zlob/DNSChanger variant; however it is not well detected as of now. The VirusTotal report is as shown:
AntiVir 184.108.40.206 - TR/Dropper.Gen
BitDefender - Trojan.DNSChanger.VD
Ikarus - Win32.SuspectCrc
Sunbelt 3.1.1610.1 - Media Code, Inc (v)
Webwasher-Gateway - Trojan.Dropper.Gen
Complete VirusTotal scan result can be found here.