VSUB - Malware Submissions

Details on new malware submitted to anti-malware vendors for inclusion in their products...

Saturday, 27 January 2007

VS0701007 Possible New Malware [Sdbot?]

Data on a sample of a suspected new malware from a suspected infected system.

This was caught by an end-user.

I have included data on a sample for your information and analysis.

1 copy has been trapped so far.

I haven't had a chance to test them on a goat system yet.

============================================================

Details:

FileName: msrdc.exe
FileDateTime: 26/01/2007 16:35:00
Filesize: 1262592
MD5: 7a108a8fda9ab48b5bcb23873530d480
CRC32: 3282F443
File Type: PE Executable

============================================================

Scan report of: msrdc.exe

@Proventia-VPS -
AntiVir Worm/Sdbot.1262592
Avast! -
AVG IRC/BackDoor.SdBot2.PLI (Trojan horse)
BitDefender -
ClamAV -
Command W32/Backdoor.ZLO
Dr Web -
eSafe Win32.SdBot.bcf
eTrust-INO -
eTrust-INO (BETA) -
eTrust-VET -
eTrust-VET (BETA) -
Ewido Backdoor.SdBot.bcf
F-Prot W32/Backdoor.ZLO
F-Secure Backdoor.Win32.SdBot.bcf
F-Secure (BETA) Backdoor.Win32.SdBot.bcf
Fortinet W32/IRCBot.YW!tr.bdr
Fortinet (BETA) W32/IRCBot.YW!tr.bdr
Ikarus -
Kaspersky Backdoor.Win32.SdBot.bcf
McAfee W32/Sdbot.worm.gen.ca
McAfee (BETA) W32/Sdbot.worm.gen.ca
Microsoft -
Nod32 -
Norman -
Panda Suspicious file
Panda (BETA) Suspicious file
QuickHeal -
Rising -
Sophos -
Symantec W32.Spybot.Worm
Symantec (BETA) W32.Spybot.Worm
Trend Micro WORM_SDBOT.BTV
Trend Micro (BETA) WORM_SDBOT.BTV
UNA Backdoor.SdBot.EA0B
VBA32 Backdoor.Win32.SdBot.bcf
VirusBuster -
WebWasher Worm.Sdbot.1262592
YY_Spybot -

============================================================

Labels: ,

0 Comments:

Post a Comment

Subscribe to Post Comments [Atom]

<< Home