VSUB - Malware Submissions

Details on new malware submitted to anti-malware vendors for inclusion in their products...

Tuesday, 15 January 2008

VS0801001 Possible New Malware [Agent?]

Data on a sample of a suspected new malware being seeded
via an e-mail with a link to a fake MySpace website.

I have included data on a sample of the file
offered on the site for your information and analysis.

1 copy has been trapped so far.

I haven't had a chance to test it on a goat system yet.

============================================================

Details:

FileName: install_flash_player.exe
FileDateTime: 15/01/2008 10:33:54
Filesize: 43008
MD5: 602e3b55391b8ac990c4c6620e9aac7a
CRC32: C36C8998
File Type: PE Executable
Packer: UPX

============================================================

Scan report of: install_flash_player.exe

@Proventia-VPS -
AntiVir TR/Agent.43008.15
Avast! -
AVG SHeur.AMSM (Trojan horse)
BitDefender DeepScan:Generic.Malware.FBldld.1B33C1C9
ClamAV -
Command -
Dr Web -
eSafe Trojan/Worm [101] (suspicious)
eTrust-VET -
eTrust-VET (BETA) -
Ewido -
F-Prot -
F-Secure Backdoor:W32/Agent.CTH
F-Secure (BETA) Backdoor:W32/Agent.CTH
Fortinet suspicious
Fortinet (BETA) suspicious
Ikarus Win32.SuspectCrc
Kaspersky -
McAfee -
McAfee (BETA) Proxy-Agent.af trojan
Microsoft -
Nod32 -
Norman W32/Agent.DVRK
Panda -
Panda (BETA) -
QuickHeal Win32.Backdoor.Agent.aju
Rising -
Sophos Sus/Dropper-A (suspicious)
Sunbelt -
Symantec -
Symantec (BETA) -
Trend Micro -
Trend Micro (BETA) -
VBA32 -
VirusBuster -
WebWasher Trojan.Agent.43008.15
YY_A-Squared -
YY_Spybot Worldsecurityonline.FakeAlert,,Executable

============================================================

Labels: ,

0 Comments:

Post a Comment

Subscribe to Post Comments [Atom]

<< Home