VSUB - Malware Submissions

Details on new malware submitted to anti-malware vendors for inclusion in their products...

Wednesday, 24 January 2007

VS0701004 Possible New Malware [Sdbot?]

Data ona sample of a suspected new malware from a suspected infected system.

This was caught by an end-user.

I have included data on a sample for your information and analysis.

1 copy has been trapped so far.

I haven't had a chance to test them on a goat system yet.



FileName: dflrwsxq.exe
FileDateTime: 11/05/2003 20:12:10
Filesize: 158720
MD5: 27376b472d43d2be1baf9eec9c130d93
CRC32: 30381941
File Type: PE Executable


Scan report of: dflrwsxq.exe

@Proventia-VPS Malicious (Cancelled)
AntiVir Worm/Sdbot.148609
Avast! -
AVG IRC/BackDoor.SdBot2.RHT (Trojan horse)
BitDefender GenPack:Generic.Sdbot.83DF54A9
ClamAV -
Command -
Dr Web Win32.HLLW.MyBot.based
eSafe Trojan/Worm [100] (suspicious)
eTrust-INO -
eTrust-INO (BETA) -
eTrust-VET -
eTrust-VET (BETA) -
Ewido -
F-Prot -
F-Secure -
F-Secure (BETA) -
Fortinet -
Fortinet (BETA) -
Ikarus -
Kaspersky -
McAfee -
McAfee (BETA) -
Microsoft -
Nod32 Win32/Rbot trojan (variant)
Norman W32/Malware.HIY
Panda Suspicious file
Panda (BETA) Suspicious file
QuickHeal Suspicious (warning)
Rising -
Sophos Mal/Packer
Symantec W32.Spybot.Worm
Symantec (BETA) W32.Spybot.Worm
Trend Micro -
Trend Micro (BETA) -
UNA Backdoor.SdBot.C625
VBA32 Win32.HLLW.MyBot.based
VirusBuster -
WebWasher Worm.Sdbot.148609
YY_Spybot -


Labels: ,


Post a Comment

Subscribe to Post Comments [Atom]

<< Home