VSUB - Malware Submissions

Details on new malware submitted to anti-malware vendors for inclusion in their products...

Monday, 12 November 2007

VS0711002 Possible New Malware [Agent?]

Data on a sample of a suspected new malware being seeded
via an e-mail with a link to a fake YouTube website.

I have included data on a sample of the file offered on
the site for your information and analysis.

2 copies have been trapped so far.

I haven't had a chance to test it on a goat system yet.

============================================================

Details:

FileName: install_flash_player.exe.1
FileDateTime: 12/11/2007 12:09:43
Filesize: 1228800
MD5: 29a8b08786a6a5bd253df5b2a42e7979
CRC32: E8ED5280
File Type: PE Executable

============================================================

Scan report of: install_flash_player.exe.1

@Proventia-VPS -
AntiVir -
Avast! -
AVG -
BitDefender -
ClamAV -
Command -
Dr Web -
eSafe -
eTrust-VET -
eTrust-VET (BETA) -
Ewido -
F-Prot -
F-Secure -
F-Secure (BETA) Trojan-Dropper:W32/Agent.CPL
Fortinet -
Fortinet (BETA) -
Ikarus Win32.SuspectCrc
Kaspersky -
McAfee -
McAfee (BETA) -
Microsoft -
Nod32 -
Norman -
Panda -
Panda (BETA) -
QuickHeal -
Rising -
Sophos -
Sunbelt -
Symantec -
Symantec (BETA) -
Trend Micro -
Trend Micro (BETA) -
VBA32 -
VirusBuster -
WebWasher -
YY_A-Squared -
YY_Spybot -

============================================================

More details can be found here on my MoMusings blog.

Labels: ,

0 Comments:

Post a Comment

Subscribe to Post Comments [Atom]

<< Home