Suspicious file

[aquilax]

Someone is posting in different forums a link to download a rar file with inside an exe, avast! antivirus has found nothing but perhaps is a new trojan or virus.

hxxp://www.tng7.com/the_list/1206578326-pstats.rar

[Maxx_original]

we'll take a look..

[Lisandro]

It's better do not post live links to malware or false positives.
Can you edit http to hxxp for instance.

[aquilax]

Here a link to the same host to download another suspicious file

hxxp://tng7.com/downloads/wow_nude_patch_1.11.zip

[Lisandro]

hxxp://tng7.com/downloads/wow_nude_patch_1.11.zip

Hope the virus analysts take a look on this one...

[Tin_W]

The first one is detected by AVG and Antivir and some others as a virus.

The second one was only detected by Ikarus , Mcafee and Webwasher.

I've also uploaded the second file to anubis and it's clear that it's a pretty nasty virus/trojan.

[polonus]

Hallo Tin_W,

Kun je nog even aangeven wat de namen waren van de gevonden malware. Overigens bedankt voor de alerte melding,

polonus

[Maxx_original]

the files were analyzed yesterday.. a proper detection will be released soon...

[Tin_W]

@polonus,

De eerste werd herkend door antivir als heur/malware (als k het goed heb zit nu op school dus kan niet alles even opnieuw uploaden)
Maar heb hem geupload naar avira en het is een virus.

De 2de heb ik gisteren naar avira gestuurd en dat is een trojan.