Author Topic: Network Shield detects download as JS:Downloader-All[Trj]  (Read 2358 times)

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33926
  • malware fighter
Network Shield detects download as JS:Downloader-All[Trj]
« on: June 17, 2013, 02:02:27 PM »
I tried to download Revelo from here: http://www.kahusecurity.com/tools/Revelo_v0.5.1.zip
MD5: AEA8185AE1C0292B757EC8D086F1D7FF
Last Update: 02/24/13
Description of revelo: Deobfuscate Javascript using a variety of different methods; includes a built-in JS beautifier, DOM walker, firewall, packet sniffer, and proxy. Note: If analyzing malicious content, please use in a virtual machine. If the script calls Java, Acrobat, or some other plug-in, Revelo won’t protect you.

Is this riskware? Why is Avast blocking the download?
See: https://www.virustotal.com/nl/file/c6b23e2a3a458dd8d8b8bf431d1bef22bc546b0b83a799cb14da0e65c05e8c71/analysis/1367778723/

polonus
« Last Edit: June 17, 2013, 02:04:45 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Milos

  • Avast team
  • Super Poster
  • *
  • Posts: 2295
Re: Network Shield detects download as JS:Downloader-All[Trj]
« Reply #2 on: June 17, 2013, 03:50:30 PM »
Hello,
there is some obfuscated JavaScript.

Milos

Offline polonus

Re: Network Shield detects download as JS:Downloader-All[Trj]
« Reply #3 on: June 17, 2013, 05:10:05 PM »
Hi Milos,

Strange, as this all-in-one tool is used by a Panda AV analyst, see: https://www.security.nl/artikel/46658/1/Security_Tip_van_de_Week%3A_onderzoek_malware_in_je_eigen_lab.html (link article author = Bart Blaze)
Found the info stumbling on that link...

polonus

REDACTED

  • Guest
« Last Edit: June 17, 2013, 08:35:35 PM by Dim@rik »

Offline polonus

Re: Network Shield detects download as JS:Downloader-All[Trj]
« Reply #5 on: June 17, 2013, 10:44:15 PM »
Hi Dimitrij,

Seen that as I have DrWeb extension inside Google Chrome -> verdict suspicious...
see: http://anubis.iseclab.org/?action=result&task_id=11e816a483f1d6d14914e2b33520597e8&format=html
Some code spoofing goin' on and resetter software...

Damian