Jump to content

Trojan.Slugin found in Samsung software caller64.exe


M___

Recommended Posts

A routine Flash Scan following a definition update revealed what may be a false positive for "Trojan.Slugin". The file is "caller64.exe" which is part of the

Samsung ML-2850 Series printer software.  The questionable file was at:

 

C:\Windows\Samsung\PanelMgr\caller64.exe

 

Other instances of the (same?) file are at:

 

C:\Program Files (x86)\Samsung\Samsung ML-2850 Series\Install\Application\SPANEL\PanelMgr\Caller64.exe
C:\Program Files (x86)\Samsung\Samsung ML-2850 Series\Install\Application\SPANEL\SPanel\Caller64.exe
C:\Program Files (x86)\Samsung\Samsung ML-2850 Series\SPanel\caller64.exe

 

I submitted the first file above (the one identified as "Trojan.Slugin") to VirusTotal, and MBAM was the only product to find anything wrong, identifying it as "Trojan.Slugin".

 

MBAM Developer Mode Log (I saved the log after unchecking the two pre-checked-for-quarantining boxes):

 

Malwarebytes Anti-Malware (PRO) 1.75.0.1300
www.malwarebytes.org

Database version: v2013.11.25.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16428
Michael :: MICHAEL-PC [administrator]

Protection: Enabled

2013-11-25 5:15:56 PM
MBAM-log-2013-11-25 (17-17-12)_DevMode_UnCheckedBoxesAfterScan.txt

Scan type: Flash scan
Scan options enabled: Memory | Startup | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: Registry | File System | P2P
Objects scanned: 273703
Time elapsed: 28 second(s)

Memory Processes Detected: 1
C:\Windows\Samsung\PanelMgr\caller64.exe (Trojan.Slugin) -> 5124 -> No action taken. [6a5216e73438ed4997f825346e937a86]

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Windows\Samsung\PanelMgr\caller64.exe (Trojan.Slugin) -> No action taken. [6a5216e73438ed4997f825346e937a86]

(end)

 

 

caller64.zip

__www.virustotal.com_en_file_579f0ae4aa68c34c2ef5cbe9c25e.pdf

Link to post
Share on other sites

Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.