VSUB - Malware Submissions

Details on new malware submitted to anti-malware vendors for inclusion in their products...

Tuesday, 15 January 2008

VS0801002 Possible New Malware [Nuwar?]

Data on a sample of a suspected new malware being seeded
via an e-mail with a link to a fake Valentine ecard.

I have included data on a sample of the file
offered on the site for your information and analysis.

1 copy has been trapped so far.

I haven't had a chance to test it on a goat system yet.

============================================================

Details:

FileName: withlove.exe
FileDateTime: 15/01/2008 18:47:22
Filesize: 114688
MD5: 62b32aaf553e515ba4967aaf64f84a6e
CRC32: 25C30FDE
File Type: PE Executable

============================================================

Scan report of: withlove.exe.1

@Proventia-VPS -
AntiVir -
Avast! -
AVG -
BitDefender -
ClamAV -
Command -
Dr Web -
eSafe -
eTrust-VET -
eTrust-VET (BETA) -
Ewido -
F-Prot -
F-Secure -
F-Secure (BETA) -
Fortinet suspicious
Fortinet (BETA) suspicious
Ikarus -
Kaspersky -
McAfee -
McAfee (BETA) -
Microsoft -
Nod32 Win32/Nuwar worm (variant)
Norman -
Panda -
Panda (BETA) -
QuickHeal -
Rising -
Sophos -
Sunbelt -
Symantec -
Symantec (BETA) -
Trend Micro -
Trend Micro (BETA) -
VBA32 -
VirusBuster -
WebWasher Win32.Malware.gen!88 (suspicious)
YY_A-Squared -
YY_Spybot -

============================================================

Labels: ,

0 Comments:

Post a Comment

Subscribe to Post Comments [Atom]

<< Home