Author Topic: avast! false negative  (Read 3054 times)

0 Members and 1 Guest are viewing this topic.

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67235
avast! false negative
« on: August 13, 2014, 04:39:27 PM »
I've sent the file to analysis.
https://www.virustotal.com/en/file/b8a63e6bbcf1ad7b1c92dc6c70b400eef71add79ed401c908610980db95822a8/analysis/1407938301/

The vector was an email telling I've got a banking credit:

Quote
Comprovante Transferência Bancaria.

Arquivo(s) em Anexo(s) : Comprovante.pdf ( 238KB )

Por Favor conferir a transferencia .
Segue o comprovante da transferencia feito em 13/08/2014
no valor de: R$ 6.830,00

The file was a false exe passing as a pdf inside a zip.
The best things in life are free.

Offline jefferson sant

  • Starting Graphoman
  • *
  • Posts: 6718
  • volunteer
Re: avast! false negative
« Reply #1 on: August 13, 2014, 05:24:40 PM »
Reported to vírus analyst

This has clearly been sent to our vlab, so there will be a detection soon hopefully.

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67235
Re: avast! false negative
« Reply #2 on: August 13, 2014, 07:24:02 PM »
Reported to vírus analyst

This has clearly been sent to our vlab, so there will be a detection soon hopefully.
Jefferson, but did Honza received the same malware? Why are you quoting him here?
The best things in life are free.

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 86913
  • No support PMs thanks
Re: avast! false negative
« Reply #3 on: August 13, 2014, 07:52:37 PM »
The quote from jefferson santiag is also incorrect as it just goes to his profile not to the topic/post, so we have no idea what it related too.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 22.9.6034 (build 22.9.7554.734) UI 1.0.728/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline jefferson sant

  • Starting Graphoman
  • *
  • Posts: 6718
  • volunteer
Re: avast! false negative
« Reply #4 on: August 13, 2014, 09:08:45 PM »
Jefferson, but did Honza received the same malware? Why are you quoting him here?

I'm not sure, but best if you can use the ticket support

https://support.avast.com/Tickets/Submit

mark status for urgent, so reporting today, tomorrow you will receive a response,at most two days.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33517
  • malware fighter
Re: avast! false negative
« Reply #5 on: August 14, 2014, 12:15:40 AM »
Seems this is revived malware dating back to 2012: http://tools.cisco.com/security/center/viewThreatOutbreakAlert.x?alertId=25701

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67235
Re: avast! false negative
« Reply #6 on: August 15, 2014, 03:22:48 AM »
Seems this is revived malware dating back to 2012: http://tools.cisco.com/security/center/viewThreatOutbreakAlert.x?alertId=25701

polonus
Another reason to have been detected... Shame?
The best things in life are free.

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76118
  • Urlaub/Vacation
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
W8.1 [x64] - Avast PremSec 22.7.7366.BC [UI.713] - Firefox ESR 91.11 [NS/uBO/PB] - Thunderbird 91.11
Avast-Tools: Secure Browser 103.0 - Cleanup 22.2 - SecureLine 5.18 - DriverUpdater 22.2 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67235
Re: avast! false negative
« Reply #8 on: August 15, 2014, 11:16:17 PM »
Thanks Virus Lab!
The best things in life are free.