Author Topic: Does Avast detect cclub11.exe here?  (Read 1358 times)

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 34060
  • malware fighter
Does Avast detect cclub11.exe here?
« on: June 14, 2015, 09:46:02 PM »
See: htxp://112.185.254.215/loader/cclub11.exe  unknown executable?
Re: https://www.virustotal.com/en-gb/url/684904e4debed1d98f7944b04a4f769be4f1262f3d354a2d05c9ed4c7d9ffc99/analysis/1434308828/
Consider: http://7feeds.com/listfeed-malc0de.com_el_rss_el_-1401884028
Malware - detected -> http://urlquery.net/report.php?id=1434308949312 -> application/octet-stream
Quttera -> Quttera Labs - domain is Malicious.
Site risk 9 red out of 10: http://toolbar.netcraft.com/site_report?url=http%3A%2F%2F112.185.254.215
It is a Zusy variant Avast should detect as Win32:Malware-gen!

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37699
Re: Does Avast detect cclub11.exe here?
« Reply #1 on: June 14, 2015, 10:22:47 PM »
« Last Edit: June 15, 2015, 05:58:25 PM by Pondus »

Offline polonus

Re: Does Avast detect cclub11.exe here?
« Reply #2 on: June 15, 2015, 12:30:14 AM »
Hi Pondus,

This means it is Rogue/Ransomware, as described here: https://forums.malwarebytes.org/index.php?/topic/111408-fraudtoolwin32securityshieldekc/
And Avast recently had no detection I guess from these results: https://www.virustotal.com/en-gb/file/612610de48db6d0f91dc0054acb5c8fc12a15e42ff8f75051c4a57de6d501625/analysis/

polonus