« previous next »
Pages: [1]   Go Down

Author Topic: New variants virus (Zbot, Trojan Downloader, Artemis) from email sender  (Read 5825 times)

0 Members and 1 Guest are viewing this topic.

Offline Yanto.Chiang

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1371
  • Soli Deo Gloria
    • PT Garuda Sinatriya Globalindo
New variants virus (Zbot, Trojan Downloader, Artemis) from email sender
« on: August 07, 2010, 06:04:53 AM »
Dear All,

Today our workmate outlook received some attached file which is avast not recognized yet,

There is a three attached file which submitted to avast already,

Please find the additional information :


According to online virus scanner :

File_13671 Folder : (Identified as Artemis variants by McAfee and Trojan Packed by Dr.Web)

http://www.virustotal.com/analisis/e42697e0a3e09da3dfdb90bee85c24413e5ba289c4412a10c516d8aaabbd065d-1281152133
http://virusscan.jotti.org/en/scanresult/76e63a9e5205dd453c8ae04447e33adce205c0c0/2cb58b5f0feb2be52942e06f98e0a26c8a186e5a


Tax Statement Folder : (Mostly antivirus engine identified as Zbot variants)

http://www.virustotal.com/analisis/b24b1219af68aae74f414580031cb4f63d3574cc45e2c30bb044b7f7b7cb9d9d-1281147201
http://virusscan.jotti.org/en/scanresult/4885a6963528ecc0941b9c1b282d8ef1124a0458/5d60cdd3e66f00f8784c6c06c5f3d0726b3a931d


YoSendIt reader Folder : (Mostly antivirus engine identified as Trojan Downloader variants)

http://www.virustotal.com/analisis/b2f337e9fdd70e971658138a7cfd28f6c0dfc5050dbd9106cc28ba8cb45e482f-1281151860
http://virusscan.jotti.org/en/scanresult/7a6e915d329ed77a90c5828ddaa003ba2fa88e14/33b4dffb957f241b137e25a409a89e4b1d929008


I upload the sample of virus to MediaFire :
http://www.mediafire.com/?jm650unn7i4c9hn

(Please don't clicked the exe file, if you don't have any experiment in virus or malware world)

cheers,
« Last Edit: August 07, 2010, 07:02:24 AM by Yanto.Chiang »
Logged
Yanto Chiang | IT Security Consultants | AVAST Premium Security | GarudaSinatriya

Offline Marc57

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1944
  • KISS Rules The World!!!
    • KISS Army
Re: New variants virus (Zbot, Trojan Downloader, Artemis) from email sender
« Reply #1 on: August 07, 2010, 07:47:25 AM »
I've submitted them to several others  that weren't detecting them.
Logged
You Wanted the Best You Got the Best the Hottest Band in the World KISS!!!

Offline Yanto.Chiang

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1371
  • Soli Deo Gloria
    • PT Garuda Sinatriya Globalindo
Re: New variants virus (Zbot, Trojan Downloader, Artemis) from email sender
« Reply #2 on: August 07, 2010, 07:58:19 AM »
Quote from: Marc57 on August 07, 2010, 07:47:25 AM
I've submitted them to several others  that weren't detecting them.

Hi Marc57,

Thanks for your sharing, by the way what is several others that you means?

cheers,
Logged
Yanto Chiang | IT Security Consultants | AVAST Premium Security | GarudaSinatriya

Offline Marc57

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1944
  • KISS Rules The World!!!
    • KISS Army
Re: New variants virus (Zbot, Trojan Downloader, Artemis) from email sender
« Reply #3 on: August 07, 2010, 08:13:54 AM »
Symantec, virobot, f-secure, Microsoft, Nod 32

I swear symantec is FAST. I uploaded  file_13671  to their site,  They sent me an e-mail that they got it and TWO minutes later I got a second e-mail that said it was malware and if I was using their product I could have downloaded the defs. Now THAT'S fast.
« Last Edit: August 07, 2010, 08:30:20 AM by Marc57 »
Logged
You Wanted the Best You Got the Best the Hottest Band in the World KISS!!!

Offline Yanto.Chiang

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1371
  • Soli Deo Gloria
    • PT Garuda Sinatriya Globalindo
Re: New variants virus (Zbot, Trojan Downloader, Artemis) from email sender
« Reply #4 on: August 07, 2010, 08:21:04 AM »
Hi Marc57,

Fast but please make sure that Symantec can clean out all the stuffs,
Because some AV engine only can detected but can't cleaned it out.

cheers,
Logged
Yanto Chiang | IT Security Consultants | AVAST Premium Security | GarudaSinatriya

Offline Marc57

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1944
  • KISS Rules The World!!!
    • KISS Army
Re: New variants virus (Zbot, Trojan Downloader, Artemis) from email sender
« Reply #5 on: August 07, 2010, 08:26:28 AM »
I'm not using Symantec, I just try to send new Malware to as many as I can, to make sure others are protected.
Logged
You Wanted the Best You Got the Best the Hottest Band in the World KISS!!!

Offline Yanto.Chiang

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1371
  • Soli Deo Gloria
    • PT Garuda Sinatriya Globalindo
Re: New variants virus (Zbot, Trojan Downloader, Artemis) from email sender
« Reply #6 on: August 09, 2010, 05:35:19 AM »
Quote from: Marc57 on August 07, 2010, 08:26:28 AM
I'm not using Symantec, I just try to send new Malware to as many as I can, to make sure others are protected.

Hi Marc57,

Oh i see,
So that would be a good respond from Symantec.  ;D

Here's the new update :

avast! [YANTOCHIANG-PC]: File "C:\Users\YantoChiang\Desktop\Viruses\new virus\file_13671\file_13671.exe" is infected by "Win32:Oficla-X [Wrm]" virus.

avast! [YANTOCHIANG-PC]: File "C:\Users\YantoChiang\Desktop\Viruses\new virus\tax_statement\tax_statement.exe" is infected by "Win32:Trojan-gen" virus

avast! [YANTOCHIANG-PC]: File "C:\Users\YantoChiang\Desktop\Viruses\new virus\YouSendIt_reader\YouSendIt_reader.exe" is infected by "Win32:Fitmu-B [Spy]" virus.

Nice update,

cheers,
Logged
Yanto Chiang | IT Security Consultants | AVAST Premium Security | GarudaSinatriya
Pages: [1]   Go Up
« previous next »