Avast WEBforum

Other => Viruses and worms => Topic started by: polonus on February 11, 2016, 12:16:16 AM

Title: Does Avast detect this executable?
Post by: polonus on February 11, 2016, 12:16:16 AM

See: https://urlquery.net/report.php?id=1455144998760
See: https://www.virustotal.com/en/url/cb417554b2fdec34b3f4bf7207cc3530e5d49366238a73c45b488e36ed521a57/analysis/1455145415/
The file analysis: https://www.virustotal.com/en/file/8d273da24a01b8eb76b779c7f8c8c5459305aef7cf1437aaa0dc1f254134d105/analysis/1455125407/
It is only 5 and 33 minutes old, but I see Avast does not have this dropper yet.  :o
See: https://malwr.com/analysis/ODY0YmNjYzg4YzhjNDVkZGE5YzFkMWVjNWQyMmViMTc/

Malware is on a Moldovan server with outdated server software:
HTTP Server: nginx 1.0.15 Cent OS (Outdated) -> http://toolbar.netcraft.com/site_report?url=http://212.56.214.67

polonus

Title: Re: Does Avast detect this executable?
Post by: Pondus on February 11, 2016, 07:49:46 AM

Quote

Does Avast detect this executable?

Analysis date:   2016-02-11 06:48:03 UTC ( 1 minute ago )
https://www.virustotal.com/en/file/8d273da24a01b8eb76b779c7f8c8c5459305aef7cf1437aaa0dc1f254134d105/analysis/1455173283/

Title: Re: Does Avast detect this executable?
Post by: polonus on February 11, 2016, 02:32:45 PM

Hi Pondus,

It seems Avast had detection for an earlier detection, but missed this variety this time around.

polonus