« previous next »
Pages: [1]   Go Down

Author Topic: Does Avast detect PUA.Android.Dowgin.U - Adware in PUP-mode?  (Read 1633 times)

0 Members and 1 Guest are viewing this topic.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33912
  • malware fighter
Does Avast detect PUA.Android.Dowgin.U - Adware in PUP-mode?
« on: February 12, 2016, 07:30:09 PM »
See DrWeb URL checker: -http://www.anzhi.com/dl_app.php?s=1384706 redirects to -http://www.apk.anzhi.com/data1/apk/201402/26/googlems.outmanfightspace_35924300.apk

-http://www.apk.anzhi.com/data1/apk/201402/26/googlems.outmanfightspace_35924300.apk is in Dr.Web malicious sites list!

Re: https://www.virustotal.com/en/url/5aae73c4c98ca8b18acbda7d5f12125d1aaedcfd05c0424bab666c466126304a/analysis/1455301056/  &  https://www.virustotal.com/en/file/804927c4733f745a2b6e0c5fcadb9771c2c8735869cd8b100949fb915f8d98e5/analysis/1454894053/

2 warnings: https://asafaweb.com/Scan?Url=www.anzhi.com

-http://www.anzhi.com
Detected libraries:
jquery - 1.7.1 : (active1) -http://www.anzhi.com/js/jquery-1.7.1.min.js
Info: Severity: medium
http://bugs.jquery.com/ticket/11290
http://research.insecurelabs.org/jquery/test/
(active) - the library was also found to be active by running code
1 vulnerable library detected

Another issue:
Scripts 1 issues
Tag   Result
<script src="-http://s19.cnzz.com/stat.php?id=3216547&amp;web_id=3216547&amp;show=pic1" language="JavaScript"></script>    Missing SRI hash  -2 warnings: https://asafaweb.com/Scan?Url=s19.cnzz.com

polonus
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!
Pages: [1]   Go Up
« previous next »