Author Topic: 免費個資檢測工具.exe- not detected by avast  (Read 2305 times)


Offline polonus

免費個資檢測工具.exe- not detected by avast
« on: August 30, 2012, 09:43:30 PM »
Hi forum members,

See: http://zulu.zscaler.com/submission/show/a322c1cb812eaeb8d96d0856d0fb9603-1346354661
See: https://www.virustotal.com/file/cd6cc5ea6e7c34ee350bffe01c2b687ba30e33ab2a01d3d269e93f4abde9cb1a/analysis/
See IDS alerts here: http://urlquery.net/report.php?id=152470

Too often today, malicious executable content is misrepresented as safe file types...
reported to virus AT avast dot com,

See why site should be blocked here: http://urlquery.net/report.php?id=133809
59 incidents of this IDS alert; google up: Snort Alert [1:23861:0] and we see a lot of this for various sites for Aug 16th last,
for example also http://urlquery.net/report.php?id=132811 a compromised site that leads to a Blacole exploit....
also a known PHISH,

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Pondus

Re: 免費個資檢測工具.exe- not detected by avast
« Reply #1 on: August 30, 2012, 11:04:14 PM »
https://www.virustotal.com/file/cd6cc5ea6e7c34ee350bffe01c2b687ba30e33ab2a01d3d269e93f4abde9cb1a/analysis/1346360474/

First seen by VirusTotal

 2007-02-01 11:03:03 UTC ( 5 år, 7 måneder ago )


Sigcheck

publisher................: LiMa Nonsense Software
product..................: Alkomat
internal name............: Alkomat
copyright................: 2001 by LiMa Nonsense Software
original name............: Alkomat.exe
file version.............: 1.01
description..............: Eine vielleicht nicht ganz gerichtsverwertbare Blutalkoholmessung



The file is clean.
Searching at Norman lab, it was once detected / added by auto signature and was later excluded ;)
Quote

• Suspicious_Gen2.AZBTK (autoadded)(FP)[Excluded]
• Bifrose.CGTB!genr (autoadded)[Excluded]
• Bifrose.CGTB!genr [excluded]


« Last Edit: August 30, 2012, 11:18:37 PM by Pondus »

Offline polonus

Re: 免費個資檢測工具.exe- not detected by avast
« Reply #2 on: August 30, 2012, 11:16:55 PM »
Hi Pondus,

A "golden oldie" for still being abused after 5 years. Avast never performed that excellently on Bifrose variant detections, missed quite a few; probably that is why I gave it. Bifrose is very dangerous malware...

polonus