Avast WEBforum

Other => Viruses and worms => Topic started by: polonus on March 12, 2012, 10:14:02 AM

Title: Packer detection or malware?
Post by: polonus on March 12, 2012, 10:14:02 AM

See: htxp://www.aldostools.org/piano/pianitostudio.exe packed by UPX
>htxp://www.aldostools.org/piano/pianitostudio.exe packed by PESTUB
>>htxp://www.aldostools.org/piano/pianitostudio.exe - archive RAR
>>>htxp://www.aldostools.org/piano/pianitostudio.exe/PianitoStudio.exe packed by PECOMPACT
>>>htxp://www.aldostools.org/piano/pianitostudio.exe/zlib.dll packed by UPX
>>>>htxp://www.aldostools.org/piano/pianitostudio.exe/zlib.dll packed by FLY-CODE
>>>>>htxp://www.aldostools.org/piano/pianitostudio.exe/zlib.dll -
>>>htxp://www.aldostools.org/piano/pianitostudio.exe/demo1.msf -
>>>htxp://www.aldostools.org/piano/pianitostudio.exe/ff2-town.msf -
>>>htxp://www.aldostools.org/piano/pianitostudio.exe/123145.msz -
>>>htxp://www.aldostools.org/piano/pianitostudio.exe/stone.jpg -
>>htxp://www.aldostools.org/piano/pianitostudio.exe -
Given 100/100 malware status at: htxp://zulu.zscaler.com/submission/show/041631fd8e179c1f0a7b520d6dd3db05-1331542861
suspicious: htxp://www.threatexpert.com/report.aspx?md5=7ef11da2a87cc33e4aee4787b82b9f5c
70% malware: htxp://www.nictasoft.com/ace/md5/7ef11da2a87cc33e4aee4787b82b9f5c
Given clean here: htxp://vscan.urlvoid.com/analysis/7ef11da2a87cc33e4aee4787b82b9f5c/cGlhbml0b3N0dWRpby1leGU=/
So could be a wrong interpreted packer detection, as only ClamAV and eSafe flag it,

polonus

Title: Re: Packer detection or malware?
Post by: Milos on March 12, 2012, 10:51:20 AM

Hello,
yes, it looks clean.

Milos