VSUB - Malware Submissions

Details on new malware submitted to anti-malware vendors for inclusion in their products...

Tuesday, 13 February 2007

VS0702003 Possible new malware [Sdbot?]

Data on a sample of a suspected new malware from a suspected
infected system.

This was caught by an end-user.

I have included data on a sample for your information and analysis.

1 copy has been trapped so far.

I haven't had a chance to test them on a goat system yet.

============================================================

Details:

FileName: svrhost.exe
FileDateTime: 11/05/2003 21:12:10
Filesize: 337920
MD5: a37215501c4c8e08295d8407dd571aca
CRC32: DE48337
File Type: PE Executable
File Attributes: RHSA

============================================================

Scan report of: svrhost.exe

@Proventia-VPS -
AntiVir Worm/Sdbot.337920
Avast! Win32:Eggdrop-AC [Trj]
AVG -
BitDefender DeepScan:Generic.Sdbot.F305D174
ClamAV -
Command -
Dr Web -
eSafe -
eTrust-INO -
eTrust-INO (BETA) -
eTrust-VET -
eTrust-VET (BETA) -
Ewido -
F-Prot -
F-Secure -
F-Secure (BETA) -
Fortinet -
Fortinet (BETA) -
Ikarus -
Kaspersky -
McAfee -
McAfee (BETA) -
Microsoft -
Nod32 NewHeur_PE (probably unknown virus)
Norman -
Panda -
Panda (BETA) -
QuickHeal -
Rising Backdoor.SdBot.wkz
Sophos Troj/IRCBot-UB
Symantec -
Symantec (BETA) W32.Spybot.Worm
Trend Micro -
Trend Micro (BETA) TROJ_IRCBOT.PG
UNA -
VBA32 -
VirusBuster -
WebWasher Worm.Sdbot.337920
YY_Spybot -

============================================================

Labels: ,

0 Comments:

Post a Comment

Subscribe to Post Comments [Atom]

<< Home