My network has been getting a lot of emails entitled "You've received a postcard from a family member", or something along those lines. They generally include a link to a web site, and so I tried the most recent email's link in a text-only browser running under UNIX (safer that way). It took me to a web page that included a single link, to a file called card.exe.
I tried scanning this "card.exe" with Avast and it did not report any problems. Then I uploaded it to VirusTotal and Jotti, both of which found problems -- but in both cases only a minority of the scanners found problems.
This is clearly malicious software, but I don't want to run on it on my PC to see what it does -- I don't have an appropriate environment for testing that sort of thing. I'm a little worried that Avast isn't detecting it, because we've been getting a lot of these, and eventually one of my users is going to get one and may actually download and run the exe.
Is there any way I can submit this file to Avast for analysis?
Thanks,
Ben