Jump to content

Small test #2

nosirrah

By nosirrah
in General Chat

 Share

Recommended Posts

nosirrah

nosirrah

Posted
Posted

As with the last test please do not reply. I will use this thread to document changes in detection to a serious threat over time.

In this case I will be posting gen 1 and gen 2 of the same threat from the same source. I will include further generations as they are generated.

First gen 1. At this moment this sample is a day old and already obsolete.

SHA256: e3b181e228b196dc1d57dadfce7555707090db10f239361fe11f3cedf8e49bfa

SHA1: 77439b2d9932e8ca78a365e09b893d71310205a6

MD5: 8b196c4ac506ec2350ae134b5a9038d1

File size: 113.0 KB ( 115712 bytes )

File name: E:\Downloads\0.4068175439503239.exe

File type: Win32 EXE

Detection ratio: 3 / 42

Analysis date: 2012-07-18 20:04:40 UTC ( 0 minutes ago )

AhnLab-V3 - 20120718

AntiVir - 20120718

Antiy-AVL - 20120717

Avast - 20120718

AVG - 20120718

BitDefender - 20120718

ByteHero - 20120716

CAT-QuickHeal - 20120718

ClamAV - 20120718

Commtouch - 20120718

Comodo TrojWare.Win32.Trojan.Agent.Gen 20120718

DrWeb - 20120718

Emsisoft - 20120718

eSafe - 20120717

ESET-NOD32 a variant of Win32/Kryptik.AIPA 20120718

F-Prot - 20120718

F-Secure - 20120718

Fortinet - 20120718

GData - 20120718

Ikarus - 20120718

Jiangmin - 20120718

K7AntiVirus - 20120718

Kaspersky Trojan.Win32.TDSS.isog 20120718

McAfee - 20120718

McAfee-GW-Edition - 20120718

Microsoft - 20120718

Norman - 20120718

nProtect - 20120718

Panda - 20120718

PCTools - 20120718

Rising - 20120718

Sophos - 20120718

SUPERAntiSpyware - 20120718

Symantec - 20120718

TheHacker - 20120717

TotalDefense - 20120718

TrendMicro - 20120718

TrendMicro-HouseCall - 20120718

VBA32 - 20120718

VIPRE - 20120718

ViRobot - 20120718

VirusBuster - 20120718

First seen by VirusTotal

2012-07-17 16:06:18 UTC ( 1 day, 3 hours ago )

Last seen by VirusTotal

2012-07-18 20:04:40 UTC ( 1 minute ago )

And now gen 2

SHA256: e93c933ff4a5ad5aad1ba94bc4e4feb035455819c49bf9be3187d96b949edae5

SHA1: b762d5c49abcd2e2339fd2c471a6066af701ef5b

MD5: dbab54d791dfadf77963b4d2ded4da9c

File size: 111.5 KB ( 114176 bytes )

File name: E:\Downloads\0.03319031509948378.exe

File type: Win32 EXE

Detection ratio: 1 / 42

Analysis date: 2012-07-18 20:03:43 UTC ( 0 minutes ago )

AhnLab-V3 - 20120718

AntiVir - 20120718

Antiy-AVL - 20120717

Avast - 20120718

AVG - 20120718

BitDefender - 20120718

ByteHero - 20120716

CAT-QuickHeal - 20120718

ClamAV - 20120718

Commtouch - 20120718

Comodo - 20120718

DrWeb - 20120718

Emsisoft - 20120718

eSafe - 20120717

ESET-NOD32 - 20120718

F-Prot - 20120718

F-Secure - 20120718

Fortinet - 20120718

GData - 20120718

Ikarus - 20120718

Jiangmin - 20120718

K7AntiVirus - 20120718

Kaspersky - 20120718

McAfee - 20120718

McAfee-GW-Edition - 20120718

Microsoft - 20120718

Norman - 20120718

nProtect - 20120718

Panda - 20120718

PCTools - 20120718

Rising - 20120718

Sophos - 20120718

SUPERAntiSpyware - 20120718

Symantec Suspicious.Cloud.5 20120718

TheHacker - 20120717

TotalDefense - 20120717

TrendMicro - 20120718

TrendMicro-HouseCall - 20120718

VBA32 - 20120718

VIPRE - 20120718

ViRobot - 20120718

VirusBuster - 20120718

First seen by VirusTotal

2012-07-18 18:19:36 UTC ( 1 hour, 46 minutes ago )

Last seen by VirusTotal

2012-07-18 20:03:43 UTC ( 2 minutes ago )

Link to post
Share on other sites
nosirrah

nosirrah

Posted
  • Author
Posted

updating again

Here is the current detection for the now 4 day obsolete trojan.

SHA256: e3b181e228b196dc1d57dadfce7555707090db10f239361fe11f3cedf8e49bfa

SHA1: 77439b2d9932e8ca78a365e09b893d71310205a6

MD5: 8b196c4ac506ec2350ae134b5a9038d1

File size: 113.0 KB ( 115712 bytes )

File name: E:\Downloads\0.4068175439503239.exe

File type: Win32 EXE

Detection ratio: 22 / 42

Analysis date: 2012-07-21 20:10:58 UTC ( 0 minutes ago )

AhnLab-V3 Trojan/Win32.Tdss 20120721

AntiVir TR/Alureon.FO.9 20120721

Antiy-AVL - 20120717

Avast Win32:Alureon-ATW [Trj] 20120721

AVG Generic28.CIHX 20120721

BitDefender Trojan.Generic.KDV.675625 20120721

ByteHero - 20120719

CAT-QuickHeal - 20120721

ClamAV - 20120721

Commtouch - 20120721

Comodo TrojWare.Win32.Trojan.Agent.Gen 20120721

DrWeb - 20120721

Emsisoft Trojan.Win32.Tdss!IK 20120721

eSafe - 20120719

ESET-NOD32 a variant of Win32/Kryptik.AIPA 20120721

F-Prot - 20120721

F-Secure Trojan.Generic.KDV.675625 20120721

Fortinet W32/TDSS.ISOG!tr 20120721

GData Trojan.Generic.KDV.675625 20120721

Ikarus Trojan.Win32.Tdss 20120721

Jiangmin Trojan/TDSS.aiqz 20120721

K7AntiVirus - 20120721

Kaspersky Trojan.Win32.TDSS.isog 20120721

McAfee Generic BackDoor.abk 20120721

McAfee-GW-Edition Artemis!8B196C4AC506 20120721

Microsoft Trojan:Win32/Alureon.FO 20120721

Norman W32/Troj_Generic.CZIVT 20120721

nProtect Trojan/W32.Agent.115712.QJ 20120721

Panda Trj/CI.A 20120721

PCTools - 20120721

Rising - 20120720

Sophos - 20120721

SUPERAntiSpyware - 20120721

Symantec - 20120721

TheHacker - 20120720

TotalDefense - 20120718

TrendMicro - 20120721

TrendMicro-HouseCall - 20120721

VBA32 - 20120720

VIPRE Trojan.Win32.Generic!BT 20120721

ViRobot Trojan.Win32.A.Tdss.115712.BS 20120721

VirusBuster - 20120721

First seen by VirusTotal

2012-07-17 16:06:18 UTC ( 4 days, 4 hours ago )

Last seen by VirusTotal

2012-07-21 20:10:58 UTC ( 1 minute ago )

And now the detections for the newest mutation.

SHA256: 5f8285675a407cabf426fa23377fc34b3faf1c9c6e80403f23715e0f28fe8a5f

SHA1: a6c0a86edd76119b4a7e25f18fcc008929ac6ea8

MD5: a83b0989072f0a01702a44d44202d141

File size: 25.6 KB ( 26188 bytes )

File name: E:\Downloads\890982cos4023832.exe

File type: Win32 EXE

Detection ratio: 2 / 42

Analysis date: 2012-07-21 20:10:19 UTC ( 0 minutes ago )

AhnLab-V3 - 20120721

AntiVir - 20120721

Antiy-AVL - 20120717

Avast - 20120721

AVG - 20120721

BitDefender - 20120721

ByteHero - 20120719

CAT-QuickHeal - 20120721

ClamAV - 20120721

Commtouch - 20120721

Comodo TrojWare.Win32.Kryptik.AFFK 20120721

DrWeb - 20120721

Emsisoft - 20120721

eSafe - 20120719

ESET-NOD32 - 20120721

F-Prot - 20120721

F-Secure - 20120721

Fortinet - 20120721

GData - 20120721

Ikarus - 20120721

Jiangmin - 20120721

K7AntiVirus - 20120721

Kaspersky - 20120721

McAfee - 20120721

McAfee-GW-Edition - 20120721

Microsoft - 20120721

Norman - 20120721

nProtect - 20120721

Panda Suspicious file 20120721

PCTools - 20120721

Rising - 20120720

Sophos - 20120721

SUPERAntiSpyware - 20120721

Symantec - 20120721

TheHacker - 20120720

TotalDefense - 20120718

TrendMicro - 20120721

TrendMicro-HouseCall - 20120721

VBA32 - 20120720

VIPRE - 20120721

ViRobot - 20120721

VirusBuster - 20120721

First seen by VirusTotal

2012-07-21 20:10:19 UTC ( 2 minutes ago )

Last seen by VirusTotal

2012-07-21 20:10:19 UTC ( 2 minutes ago )

Link to post
Share on other sites
nosirrah

nosirrah

Posted
  • Author
Posted

updating again

Here is the current detection for the now 5 day obsolete trojan.

SHA256: e3b181e228b196dc1d57dadfce7555707090db10f239361fe11f3cedf8e49bfa

SHA1: 77439b2d9932e8ca78a365e09b893d71310205a6

MD5: 8b196c4ac506ec2350ae134b5a9038d1

File size: 113.0 KB ( 115712 bytes )

File name: E:\Downloads\0.4068175439503239.exe

File type: Win32 EXE

Detection ratio: 24 / 41

Analysis date: 2012-07-23 07:17:36 UTC ( 0 minutes ago )

AhnLab-V3 Trojan/Win32.Tdss 20120723

AntiVir TR/Alureon.FO.9 20120723

Antiy-AVL - 20120717

Avast Win32:Alureon-ATW [Trj] 20120723

AVG Generic28.CIHX 20120722

BitDefender Trojan.Generic.KDV.675625 20120723

ByteHero - 20120719

CAT-QuickHeal Trojan.Tdss.isog 20120723

ClamAV - 20120723

Commtouch - 20120723

Comodo TrojWare.Win32.Trojan.Agent.Gen 20120723

DrWeb - 20120723

Emsisoft Trojan.Win32.Tdss!IK 20120723

eSafe - 20120722

ESET-NOD32 a variant of Win32/Kryptik.AIPA 20120722

F-Prot - 20120723

F-Secure Trojan.Generic.KDV.675625 20120723

Fortinet W32/TDSS.ISOG!tr 20120721

GData Trojan.Generic.KDV.675625 20120723

Ikarus Trojan.Win32.Tdss 20120723

Jiangmin Trojan/TDSS.aiqz 20120723

K7AntiVirus - 20120721

Kaspersky Trojan.Win32.TDSS.isog 20120723

McAfee Generic BackDoor.abk 20120723

McAfee-GW-Edition Artemis!8B196C4AC506 20120722

Microsoft Trojan:Win32/Alureon.FO 20120723

Norman W32/Troj_Generic.CZIVT 20120721

nProtect Trojan/W32.Agent.115712.QJ 20120723

Panda Trj/CI.A 20120722

Rising - 20120723

Sophos - 20120723

SUPERAntiSpyware - 20120722

Symantec - 20120723

TheHacker Trojan/Kryptik.aipa 20120722

TotalDefense - 20120718

TrendMicro - 20120723

TrendMicro-HouseCall - 20120723

VBA32 - 20120720

VIPRE Trojan.Win32.Generic!BT 20120723

ViRobot Trojan.Win32.A.Tdss.115712.BS 20120723

VirusBuster - 20120722

First seen by VirusTotal

2012-07-17 16:06:18 UTC ( 5 days, 15 hours ago )

Last seen by VirusTotal

2012-07-23 07:17:36 UTC ( 4 minutes ago )

And now the detections for the newest mutation. As you can see I was not the first to get to this one this time as it was first checked 3 hours ago so these detections may be higher than at 0hour.

SHA256: 1e1bab15ab614526d96317f64180c3209eedcb98a1902aad048f185e8fa7123f

SHA1: 73e2083a5d67ef601b7a68073106b90ed6277477

MD5: 296af247727a2c5c14b5d102efcac477

File size: 118.5 KB ( 121344 bytes )

File name: E:\Downloads\0.7420048455182366.exe

File type: Win32 EXE

Detection ratio: 4 / 41

Analysis date: 2012-07-23 07:16:36 UTC ( 0 minutes ago )

AhnLab-V3 Trojan/Win32.Tdss 20120723

AntiVir - 20120723

Antiy-AVL - 20120717

Avast - 20120723

AVG - 20120722

BitDefender - 20120723

ByteHero - 20120719

CAT-QuickHeal - 20120723

ClamAV - 20120723

Commtouch - 20120723

Comodo - 20120723

DrWeb - 20120723

Emsisoft - 20120723

eSafe - 20120722

ESET-NOD32 - 20120722

F-Prot - 20120723

F-Secure - 20120723

Fortinet - 20120721

GData - 20120723

Ikarus - 20120723

Jiangmin - 20120723

K7AntiVirus - 20120721

Kaspersky Trojan.Win32.TDSS.isqb 20120723

McAfee - 20120723

McAfee-GW-Edition - 20120722

Microsoft - 20120723

Norman - 20120721

nProtect - 20120723

Panda Suspicious file 20120722

Rising - 20120723

Sophos - 20120723

SUPERAntiSpyware - 20120722

Symantec - 20120723

TheHacker - 20120722

TotalDefense - 20120718

TrendMicro - 20120723

TrendMicro-HouseCall TROJ_GEN.F47V0723 20120723

VBA32 - 20120720

VIPRE - 20120723

ViRobot - 20120723

VirusBuster - 20120722

First seen by VirusTotal

2012-07-23 04:17:35 UTC ( 3 hours, 6 minutes ago )

Last seen by VirusTotal

2012-07-23 07:16:36 UTC ( 7 minutes ago )

Link to post
Share on other sites
nosirrah

nosirrah

Posted
  • Author
Posted

updating again

Here is the current detection for the now 6 day obsolete trojan.

SHA256: e3b181e228b196dc1d57dadfce7555707090db10f239361fe11f3cedf8e49bfa

SHA1: 77439b2d9932e8ca78a365e09b893d71310205a6

MD5: 8b196c4ac506ec2350ae134b5a9038d1

File size: 113.0 KB ( 115712 bytes )

File name: E:\Downloads\0.4068175439503239.exe

File type: Win32 EXE

Detection ratio: 26 / 41

Analysis date: 2012-07-24 07:06:10 UTC ( 4 minutes ago )

AhnLab-V3 Trojan/Win32.Tdss 20120724

AntiVir TR/Alureon.FO.9 20120724

Antiy-AVL Trojan/Win32.TDSS.gen 20120724

Avast Win32:Alureon-ATW [Trj] 20120723

AVG Generic28.CIHX 20120723

BitDefender Trojan.Generic.KDV.675625 20120724

ByteHero - 20120723

CAT-QuickHeal Trojan.Tdss.isog 20120724

ClamAV - 20120723

Commtouch - 20120724

Comodo TrojWare.Win32.Trojan.Agent.Gen 20120724

DrWeb - 20120724

Emsisoft Trojan.Win32.Tdss!IK 20120724

eSafe - 20120722

ESET-NOD32 a variant of Win32/Kryptik.AIPA 20120723

F-Prot - 20120723

F-Secure Trojan.Generic.KDV.675625 20120724

Fortinet W32/TDSS.ISOG!tr 20120724

GData Trojan.Generic.KDV.675625 20120724

Ikarus Trojan.Win32.Tdss 20120724

Jiangmin Trojan/TDSS.aiqz 20120724

K7AntiVirus Trojan 20120723

Kaspersky Trojan.Win32.TDSS.isog 20120724

McAfee Generic BackDoor.abk 20120724

McAfee-GW-Edition Artemis!8B196C4AC506 20120723

Microsoft Trojan:Win32/Alureon.FO 20120724

Norman W32/Troj_Generic.CZIVT 20120724

nProtect Trojan/W32.Agent.115712.QJ 20120724

Panda - 20120723

Rising - 20120724

Sophos - 20120724

SUPERAntiSpyware - 20120724

Symantec - 20120724

TheHacker Trojan/Kryptik.aipa 20120724

TotalDefense - 20120724

TrendMicro - 20120724

TrendMicro-HouseCall TROJ_GEN.F47V0723 20120724

VBA32 - 20120723

VIPRE Trojan.Win32.Generic!BT 20120724

ViRobot Trojan.Win32.A.Tdss.115712.BS 20120724

VirusBuster - 20120723

First seen by VirusTotal

2012-07-17 16:06:18 UTC ( 6 days, 15 hours ago )

Last seen by VirusTotal

2012-07-24 07:06:10 UTC ( 3 minutes ago )

And now the detections for the newest mutation.

SHA256: dc140113dcab6f5f465153a21504104fb4712aa0e1aa42a838035f08fd562d89

SHA1: 35bfe66c296cc0fb33d4b5e806ae5fe0d2e12a48

MD5: 1f11e70f34d068b002950a8636ad0e10

File size: 119.0 KB ( 121856 bytes )

File name: E:\Downloads\0.11607481874437486.exe

File type: Win32 EXE

Detection ratio: 6 / 41

Analysis date: 2012-07-24 07:05:53 UTC ( 3 minutes ago )

AhnLab-V3 - 20120724

AntiVir - 20120724

Antiy-AVL - 20120724

Avast - 20120723

AVG - 20120723

BitDefender Gen:Variant.Kazy.82237 20120724

ByteHero - 20120723

CAT-QuickHeal - 20120724

ClamAV - 20120723

Commtouch - 20120724

Comodo - 20120724

DrWeb Trojan.Encoder.origin 20120724

Emsisoft - 20120724

eSafe - 20120722

ESET-NOD32 - 20120723

F-Prot - 20120723

F-Secure Gen:Variant.Kazy.82237 20120724

Fortinet - 20120724

GData Gen:Variant.Kazy.82237 20120724

Ikarus - 20120724

Jiangmin - 20120724

K7AntiVirus - 20120723

Kaspersky Trojan.Win32.TDSS.isqn 20120724

McAfee - 20120724

McAfee-GW-Edition - 20120723

Microsoft - 20120724

Norman - 20120724

nProtect - 20120724

Panda - 20120723

Rising - 20120724

Sophos - 20120724

SUPERAntiSpyware - 20120724

Symantec - 20120724

TheHacker - 20120724

TotalDefense - 20120724

TrendMicro - 20120724

TrendMicro-HouseCall TROJ_GEN.F47V0724 20120724

VBA32 - 20120723

VIPRE - 20120724

ViRobot - 20120724

VirusBuster - 20120723

First seen by VirusTotal

2012-07-24 03:07:38 UTC ( 4 hours, 1 minute ago )

Last seen by VirusTotal

2012-07-24 07:05:53 UTC ( 3 minutes ago )

Link to post
Share on other sites
nosirrah

nosirrah

Posted
  • Author
Posted

Another update today, here is the current detection for the now 13 day obsolete trojan.

SHA256: e3b181e228b196dc1d57dadfce7555707090db10f239361fe11f3cedf8e49bfa

SHA1: 77439b2d9932e8ca78a365e09b893d71310205a6

MD5: 8b196c4ac506ec2350ae134b5a9038d1

File size: 113.0 KB ( 115712 bytes )

File name: E:\Downloads\0.4068175439503239.exe

File type: Win32 EXE

Detection ratio: 30 / 40

Analysis date: 2012-07-30 20:10:11 UTC ( 1 minute ago )

AhnLab-V3 Trojan/Win32.Tdss 20120730

AntiVir TR/Alureon.FO.9 20120730

Antiy-AVL Trojan/Win32.TDSS.gen 20120727

Avast Win32:Alureon-ATW [Trj] 20120730

AVG Generic28.CIHX 20120730

BitDefender Trojan.Generic.KDV.675625 20120730

ByteHero - 20120723

CAT-QuickHeal Trojan.Tdss.isog 20120730

ClamAV - 20120730

Commtouch - 20120730

Comodo TrojWare.Win32.Trojan.Agent.Gen 20120730

Emsisoft Trojan.Win32.Tdss!IK 20120730

eSafe - 20120730

ESET-NOD32 a variant of Win32/Kryptik.AIPA 20120730

F-Prot - 20120730

F-Secure Trojan.Generic.KDV.675625 20120730

Fortinet W32/TDSS.ISOG!tr 20120730

GData Trojan.Generic.KDV.675625 20120730

Ikarus Trojan.Win32.Tdss 20120730

Jiangmin Trojan/TDSS.aiqz 20120730

K7AntiVirus Trojan 20120730

Kaspersky Trojan.Win32.TDSS.isog 20120730

McAfee Generic BackDoor.abk 20120730

McAfee-GW-Edition Generic BackDoor.abk 20120730

Microsoft Trojan:Win32/Alureon.FO 20120730

Norman W32/Troj_Generic.CZIVT 20120730

nProtect Trojan/W32.Agent.115712.QJ 20120730

Panda Generic Trojan 20120730

Rising - 20120730

Sophos Mal/TDL3Drop-A 20120730

SUPERAntiSpyware - 20120729

Symantec - 20120730

TheHacker Trojan/Kryptik.aipa 20120730

TotalDefense - 20120730

TrendMicro - 20120730

TrendMicro-HouseCall TROJ_GEN.F47V0723 20120730

VBA32 Trojan.TDSS.isog 20120730

VIPRE Trojan.Win32.Generic!BT 20120730

ViRobot Trojan.Win32.A.Tdss.115712.BS 20120730

VirusBuster Trojan.TDSS!lUkgpVkYrok 20120730

First seen by VirusTotal

2012-07-17 16:06:18 UTC ( 1 week, 6 days ago )

Last seen by VirusTotal

2012-07-30 20:10:11 UTC ( 1 minute ago )

And now the most recent mutation from the same source

SHA256: d64c14fb7e00246a359e71b7340329b955db15e84018b74aeec1ec8fe7c5e98e

SHA1: c8409a21cd1b51b37f0f64d251449db38c86a138

MD5: 6064078263830fd0a257400313c730b6

File size: 95.5 KB ( 97792 bytes )

File name: E:\Downloads\0138d9684aa1.exe

File type: Win32 EXE

Detection ratio: 3 / 41

Analysis date: 2012-07-30 20:07:33 UTC ( 0 minutes ago )

AhnLab-V3 - 20120730

AntiVir TR/Crypt.XPACK.Gen 20120730

Antiy-AVL - 20120727

Avast - 20120730

AVG - 20120730

BitDefender - 20120730

ByteHero - 20120723

CAT-QuickHeal - 20120730

ClamAV - 20120730

Commtouch - 20120730

Comodo - 20120730

DrWeb - 20120730

Emsisoft - 20120730

eSafe - 20120730

ESET-NOD32 - 20120730

F-Prot - 20120730

F-Secure - 20120730

Fortinet W32/Zbot.ADN!tr 20120730

GData - 20120730

Ikarus - 20120730

Jiangmin - 20120730

K7AntiVirus - 20120730

Kaspersky - 20120730

McAfee - 20120730

McAfee-GW-Edition - 20120730

Microsoft - 20120730

Norman - 20120730

nProtect - 20120730

Panda Suspicious file 20120730

Rising - 20120730

Sophos - 20120730

SUPERAntiSpyware - 20120729

Symantec - 20120730

TheHacker - 20120730

TotalDefense - 20120730

TrendMicro - 20120730

TrendMicro-HouseCall - 20120730

VBA32 - 20120730

VIPRE - 20120730

ViRobot - 20120730

VirusBuster - 20120730

First seen by VirusTotal

2012-07-30 20:07:33 UTC ( 1 minute ago )

Last seen by VirusTotal

2012-07-30 20:07:33 UTC ( 1 minute ago )

Link to post
Share on other sites
nosirrah

nosirrah

Posted
  • Author
Posted

This is the easiest update yet, absolutely no detections at all from the same source.

SHA256: 32a2a2dec04e9868403a884961fbdbf10d2e02a4b86806073349c82cf6defb09

SHA1: c0c9b59979eb2c8d9564157dda31a610332f6582

MD5: 22d30e771bf5d47e97c45c4392186674

File size: 217.4 KB ( 222625 bytes )

File name: E:\Downloads\0.892491262712407.exe

File type: Win32 EXE

Detection ratio: 0 / 41

Analysis date: 2012-08-01 05:11:24 UTC ( 1 minute ago )

AhnLab-V3 - 20120731

AntiVir - 20120801

Antiy-AVL - 20120801

Avast - 20120731

AVG - 20120731

BitDefender - 20120801

ByteHero - 20120723

CAT-QuickHeal - 20120801

ClamAV - 20120801

Commtouch - 20120801

Comodo - 20120801

DrWeb - 20120801

Emsisoft - 20120801

eSafe - 20120731

ESET-NOD32 - 20120731

F-Prot - 20120801

F-Secure - 20120801

Fortinet - 20120801

GData - 20120801

Ikarus - 20120801

Jiangmin - 20120801

K7AntiVirus - 20120731

Kaspersky - 20120801

McAfee - 20120801

McAfee-GW-Edition - 20120731

Microsoft - 20120731

Norman - 20120731

nProtect - 20120731

Panda - 20120731

Rising - 20120731

Sophos - 20120801

SUPERAntiSpyware - 20120801

Symantec - 20120801

TheHacker - 20120730

TotalDefense - 20120731

TrendMicro - 20120801

TrendMicro-HouseCall - 20120801

VBA32 - 20120731

VIPRE - 20120801

ViRobot - 20120801

VirusBuster - 20120731

First seen by VirusTotal

2012-08-01 05:11:24 UTC ( 5 minutes ago )

Last seen by VirusTotal

2012-08-01 05:11:24 UTC ( 5 minutes ago )

Link to post
Share on other sites
nosirrah

nosirrah

Posted
  • Author
Posted

Another update, another completely undetected morph.

SHA256: c7573652f01f76cb5be862f801bea40c575aea0b47036cbd8b1e77575f2d3222

SHA1: 301afeb406a15eec3fdcbeefa5b4f2fb59e7319c

MD5: 24cea1fd12e4c9c99b6d0779dc923895

File size: 107.0 KB ( 109568 bytes )

File name: E:\Downloads\0.2792156623630775.exe

File type: Win32 EXE

Detection ratio: 0 / 41

Analysis date: 2012-08-03 21:37:45 UTC ( 0 minutes ago )

AhnLab-V3 - 20120803

AntiVir - 20120803

Antiy-AVL - 20120803

Avast - 20120803

AVG - 20120803

BitDefender - 20120803

ByteHero - 20120723

CAT-QuickHeal - 20120803

ClamAV - 20120803

Commtouch - 20120803

Comodo - 20120803

DrWeb - 20120803

Emsisoft - 20120803

eSafe - 20120802

ESET-NOD32 - 20120803

F-Prot - 20120803

F-Secure - 20120803

Fortinet - 20120803

GData - 20120803

Ikarus - 20120803

Jiangmin - 20120803

K7AntiVirus - 20120803

Kaspersky - 20120803

McAfee - 20120803

McAfee-GW-Edition - 20120803

Microsoft - 20120803

Norman - 20120803

nProtect - 20120803

Panda - 20120803

Rising - 20120803

Sophos - 20120803

SUPERAntiSpyware - 20120803

Symantec - 20120803

TheHacker - 20120801

TotalDefense - 20120802

TrendMicro - 20120803

TrendMicro-HouseCall - 20120803

VBA32 - 20120803

VIPRE - 20120803

ViRobot - 20120803

VirusBuster - 20120803

First seen by VirusTotal

2012-08-03 21:37:45 UTC ( 5 minutes ago )

Last seen by VirusTotal

2012-08-03 21:37:45 UTC ( 5 minutes ago )

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.