Author Topic: Crypt0L0cker!!!(Zero DAY)  (Read 1701 times)


Offline Be Secure

  • Long Time Avast User(9years.....) Security Enthusiast.
  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1888
« Last Edit: March 18, 2017, 12:27:26 PM by Be Secure »
PC- Windows10 EDU 64Bit,Avast Free V.19.8.2393,uBlock Origin,NVT_OSA,GoogleChrome(64bit),CCleaner,Unchecky,ZAM Free,Shadow Defender.
Security Enthusiast

Offline polonus

  • Avast Überevangelist
  • Maybe Bot
  • *****
  • Posts: 31884
  • malware fighter
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline TrueIndian

  • Poster
  • *
  • Posts: 434
Re: Crypt0L0cker!!!(Zero DAY)
« Reply #2 on: March 19, 2017, 05:08:27 AM »
Downloaded file is detected as VBA:Downloader-ESI[Trj] by Avast, so we are good :) The downloader that Be Secure posted is not detected, but we should be protected since the downloaded file is caught.

This is a downloader that tricks the user into downloading from their site. Looks like malware writers weren't getting people to download it from their site, so they made this downloader. I had reported this URL yesterday night to Avast at 9:28 IST.

We are protected; Avast now detects the downloaded file.
« Last Edit: March 20, 2017, 07:44:05 AM by HonzaZ »
Malware Hunter/Tester/Analysis
https://twitter.com/avman1995

“When I despair, I remember that all through history the way of truth and love have always won. There have been tyrants and murderers, and for a time, they can seem invincible, but in the end, they always fall. Think of it--always.”
― Mahatma Gandhi

Offline Be Secure

Re: Crypt0L0cker!!!(Zero DAY)
« Reply #3 on: March 19, 2017, 05:24:49 AM »
Downloaded file is detected as VBA:Downloader-ESI[Trj] by Avast, so we are good :) The downloader that Be Secure posted is not detected, but we should be protected since the downloaded file is caught.

This is a downloader that tricks the user into downloading from their site. Looks like malware writers weren't getting people to download it from their site since I had reported this URL yesterday night to Avast at 9:28 IST.

We are protected; Avast now detects the downloaded file.
Thanks for the info. @TrueIndian :)

Offline TrueIndian

Re: Crypt0L0cker!!!(Zero DAY)
« Reply #4 on: March 19, 2017, 05:28:20 AM »
Here is the URL of the downloaded file. This was already reported yesterday and detected with today's VPS:
https://www.virustotal.com/en/url/75efa482d1c4b701afbc46a49924eb0f7a255aa887e04bfecf81dcbe8f62f348/analysis/1489897627/

Offline RejZoR

  • Polymorphic Sheep
  • Serious Graphoman
  • *****
  • Posts: 9268
  • We are supersheep, resistance is futile!
    • RejZoR's Flock of Sheep
Re: Crypt0L0cker!!!(Zero DAY)
« Reply #5 on: March 19, 2017, 12:59:30 PM »
Just because VT doesn't detect it, that doesn't mean it's not detected. VT doesn't use half of the cloud capabilities and it also doesn't use Behavior Shield at all.
Visit my webpage RejZoR's Flock of Sheep

Offline TrueIndian

Re: Crypt0L0cker!!!(Zero DAY)
« Reply #6 on: March 19, 2017, 05:26:38 PM »
Just because VT doesn't detect it, that doesn't mean it's not detected. VT doesn't use half of the cloud capabilities and it also doesn't use Behavior Shield at all.

Yes, that is exactly why VirusTotal is unreliable as a source of detection :)