Avast WEBforum

Other => Viruses and worms => Topic started by: hozewm on December 09, 2021, 11:58:06 AM

Title: Malware
Post by: hozewm on December 09, 2021, 11:58:06 AM
link: https://www.virustotal.com/gui/file/922bc561fe72498410d5c835715b6f7ca622d8ec96fb018ded9ec346724645ab
Title: Re: Malware
Post by: Asyn on December 09, 2021, 12:03:46 PM
Hi, you can report a suspicious/malicious sample (File/Website) here: https://www.avast.com/report-malicious-file.php
Title: Re: Malware
Post by: hozewm on December 09, 2021, 12:05:29 PM
I don't have the sample.
Title: Re: Malware
Post by: DavidR on December 09, 2021, 12:31:07 PM
How did you upload it to VirusTotal (or didn't you)?

I'm not sure if this is correct, but I wonder if you can't give the VirusTotal link, as Avast should be able to access that file.

Not to mention 1 - There are several other AVs detecting this, and they aren't small companies.

Not to mention 2 - Avast, according to the VT link, isn't detecting this. So is it possible that it has been corrected?

I just refreshed the link and 11 still detect it and not Avast; this is also being reported as an email:
922bc561fe72498410*****************96fb018ded9ec346724645ab.eml

Title: Re: Malware
Post by: hozewm on December 09, 2021, 12:37:10 PM
I did not upload it, it was uploaded by someone else.
Title: Re: Malware
Post by: Asyn on December 09, 2021, 01:05:58 PM
> I don't have the sample.

Submit the VT link, should work as well.
Title: Re: Malware
Post by: hozewm on December 09, 2021, 01:13:16 PM
ok
Title: Re: Malware
Post by: polonus on December 09, 2021, 05:04:56 PM
Hi hozewm,

It is a Tesla trojan.
As GData has it, in that case Avast should also flag it in so-called PUP mode.

This malware comes in the category Infostealer/spyware, as described here:
-https://tria.ge/211013-vn5zbsefg8 (link given as blocked because of the downloadable malcode sample).

See signatures and behavioural patterns in that description.

Another analysis of a similar malcreation: https://www.joesandbox.com/analysis/869868

Underlying is a so-called MITRE attack, and this malcode comes classified under infostealer adware and should be removed,
given what it does to your browser info. See with Nir Sofer's 'Web Browser History Viewer' (free Windows proggie).

polonus (volunteer 3rd party cold recon website security analyst and website error-hunter)