Author Topic: Samples missed by avast (VirusTotal links only!)  (Read 373815 times)

0 Members and 1 Guest are viewing this topic.

m00nbl00d

  • Guest
Re: Samples missed by avast (VirusTotal links only!)
« Reply #90 on: October 11, 2010, 02:51:01 PM »
Trojan (Zeus related)

http://www.virustotal.com/file-scan/report.html?id=380087229a5a6182c5b1ccd78e1cd4ac6e0275f2b3623f78272c816fd07b2d71-1286801243

MD5   : bd41f21be524da820c4f555c7d157e60
SHA1  : da36d0c020debd1be81e48993d81628b104a925e
SHA256: 380087229a5a6182c5b1ccd78e1cd4ac6e0275f2b3623f78272c816fd07b2d71

Detected by McAfee-GW-Edition as Heuristic.LooksLike.Win32.Suspicious.F

ROGUE

http://www.virustotal.com/file-scan/report.html?id=5c052870ce034a1600187282e290c56cefef7c592e2dfcc054149a3e00630f76-1286801600

MD5   : fe65a0eb0d8f6b38ada4bf55af56ae6a
SHA1  : b4d3317591131869dc4e90b109a95cb8353e0e2b
SHA256: 5c052870ce034a1600187282e290c56cefef7c592e2dfcc054149a3e00630f76

TROJAN (Zeus related)

http://www.virustotal.com/file-scan/report.html?id=48061ade1f85d7040bca8bf056c95be8dc8568658841314db4874eeb699a0cbf-1286801855

MD5   : 8279e011750c6499e01026f2aa370d56
SHA1  : 69e333fbc316e63c23284f1b1312c6782e908515
SHA256: 48061ade1f85d7040bca8bf056c95be8dc8568658841314db4874eeb699a0cbf

« Last Edit: October 11, 2010, 03:06:33 PM by m00nbl00d »

Henrique - RJ

  • Guest
Re: Samples missed by avast (VirusTotal links only!)
« Reply #91 on: October 12, 2010, 05:46:53 AM »
VirusTotal: 22/43

http://www.virustotal.com/file-scan/report.html?id=ecea9a1c297b62c4c1fb9c21a92dc50277eba60c53e0c91a701981f2a05db6fd-1286855009

TR/Spy.Banker.Gen (Avira)

MD5   : 09580a2d997b6b4c9d68e781b32364be
SHA1  : dc8c09b0651ba125dfcffe70e15faa3a9fafb061
SHA256: ecea9a1c297b62c4c1fb9c21a92dc50277eba60c53e0c91a701981f2a05db6fd

Offline Marc57

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1944
  • KISS Rules The World!!!
    • KISS Army
You Wanted the Best You Got the Best the Hottest Band in the World KISS!!!

m00nbl00d

  • Guest
Re: Samples missed by avast (VirusTotal links only!)
« Reply #93 on: October 12, 2010, 03:58:52 PM »
ROGUE

http://www.virustotal.com/file-scan/report.html?id=45873cade00ef2de771777511673b53ad3ca9f851f0cb57adcf90ff23f3b90c4-1286891196

MD5   : d04954c1a4cf72d14f365a7bb9e6d60d
SHA1  : d1113e86c6f739ee82837e44cec068fb27ffdafa
SHA256: 45873cade00ef2de771777511673b53ad3ca9f851f0cb57adcf90ff23f3b90c4

ROGUE

http://www.virustotal.com/file-scan/report.html?id=4851da897bf2992b5daa3cdc4b3dd4d0103d27b63e9201fc25fb9125fbbeab3f-1286892008

MD5   : 0b157157b293430fb8c9a35ae17fd0d8
SHA1  : 969e2500c38c80c4a5d3911d096c0fed435fcd49
SHA256: 4851da897bf2992b5daa3cdc4b3dd4d0103d27b63e9201fc25fb9125fbbeab3f

ROGUE

http://www.virustotal.com/file-scan/report.html?id=ecb766252fa425d4d7610517f49509fefd4e81e1053aefb6eba7d3d5cf04e05b-1286892878

MD5   : d92514a45a5eac2a1d2dec8dd33c81da
SHA1  : 3f4af4537658bdf507a444e1ec10d6c3a0c4899f
SHA256: ecb766252fa425d4d7610517f49509fefd4e81e1053aefb6eba7d3d5cf04e05b

ROGUE

http://www.virustotal.com/file-scan/report.html?id=8444e1b069e7060001f040e1d2b4eab5fc08397a0de5571c61d456a194bc6dac-1286893115

MD5   : 6991987f5404662c57f9d4ab8b6a1851
SHA1  : 15e86de816047e3ccef0f86d449b811e1bd266f3
SHA256: 8444e1b069e7060001f040e1d2b4eab5fc08397a0de5571c61d456a194bc6dac

TROJAN

http://www.virustotal.com/file-scan/report.html?id=8444e1b069e7060001f040e1d2b4eab5fc08397a0de5571c61d456a194bc6dac-1286893115

MD5   : 6991987f5404662c57f9d4ab8b6a1851
SHA1  : 15e86de816047e3ccef0f86d449b811e1bd266f3
SHA256: 8444e1b069e7060001f040e1d2b4eab5fc08397a0de5571c61d456a194bc6dac
« Last Edit: October 12, 2010, 04:28:53 PM by m00nbl00d »

m00nbl00d

  • Guest
Re: Samples missed by avast (VirusTotal links only!)
« Reply #94 on: October 12, 2010, 04:48:41 PM »
TROJAN

http://www.virustotal.com/file-scan/report.html?id=3cab860e5ab2c7dfac5f1bd656b0b31e58aa3d42cbdd67fdfbd0dc3591e68f4a-1286894775

MD5   : 19283d1343ef0be90a317198585520c1
SHA1  : ad6918b1a630ae229eebe2bb2c240f4439691d31
SHA256: 3cab860e5ab2c7dfac5f1bd656b0b31e58aa3d42cbdd67fdfbd0dc3591e68f4a

TROJAN

http://www.virustotal.com/file-scan/report.html?id=26ca928094211abe9f24a3d0c5fc35484782db8ec2b6c45e92bbf3ebdfe3db9e-1286894999

MD5   : 124960c4b1e002ac7725308e7912a64f
SHA1  : 067f5934d94b670f4b7e04f0e25d21d0f25e8f0d
SHA256: 26ca928094211abe9f24a3d0c5fc35484782db8ec2b6c45e92bbf3ebdfe3db9e
« Last Edit: October 12, 2010, 04:52:35 PM by m00nbl00d »

Henrique - RJ

  • Guest
Re: Samples missed by avast (VirusTotal links only!)
« Reply #95 on: October 12, 2010, 08:48:11 PM »
VirusTotal: 20/41

http://www.virustotal.com/file-scan/report.html?id=82a91174739fd00ec38c31c41ecf3268aad3a9cc07ceb6923635d65276cff982-1286909055

TR/Crypt.XPACK.Gen (Avira)

MD5   : 79a137546440b649d05a74b74d26fb39
SHA1  : 87bd2f282ca5501173e2b995fb8711936dbdcec7
SHA256: 82a91174739fd00ec38c31c41ecf3268aad3a9cc07ceb6923635d65276cff982

-----------------------------------------------------------------------

VirusTotal: 19/40

http://www.virustotal.com/file-scan/report.html?id=1160b9f1934a9dd9231f31560b99a0701c44c0c2c605fdbdeadd05285e3452a4-1286909991

TR/Crypt.CFI.Gen (Avira)

MD5   : 98a0cd18c03892c7f83148afa4c13ffb
SHA1  : b0428d8f55273ba3e45f3fb71bb1c1e91a4211f6
SHA256: 1160b9f1934a9dd9231f31560b99a0701c44c0c2c605fdbdeadd05285e3452a4

-------------------------------------------------------------------------

VirusTotal: 19/42

http://www.virustotal.com/file-scan/report.html?id=013903434d8cd9cebe8913def0a0022c1ac03ac30b9ee319c404c770d186b93d-1286910374

TR/VB.Downloader.Gen (Avira)

MD5   : e761ffd4493bc56044fef408b43cd387
SHA1  : 17208a7048df26c696ba395112f041fabd98abd5
SHA256: 013903434d8cd9cebe8913def0a0022c1ac03ac30b9ee319c404c770d186b93d

-------------------------------------------------------------------------

VirusTotal: 19/41

http://www.virustotal.com/file-scan/report.html?id=0dff24330bc30faeec1b36e6f9c535359f7344d839748149f743f3f307be96f1-1286910870

TR/VB.Downloader.Gen (Avira)

MD5   : addf29b4e4c8b875fbcef278bf66a7db
SHA1  : 0d069f5bc1faeeb38be5ee57e370620e88296f73
SHA256: 0dff24330bc30faeec1b36e6f9c535359f7344d839748149f743f3f307be96f1

---------------------------------------------------------------------------

VirusTotal: 21/43

http://www.virustotal.com/file-scan/report.html?id=c80367480094aa649ad0b9914b9c1cb4c6320101ee3bae4bda6775a0ab736db6-1286913569

TR/Crypt.CFI.Gen (Avira)

MD5   : 9c75702f09b15fef35f205b12d4f15e6
SHA1  : 5109a83bf5b5f06fe640c84b2e2665ea1cb38c5d
SHA256: c80367480094aa649ad0b9914b9c1cb4c6320101ee3bae4bda6775a0ab736db6

-----------------------------------------------------------------------

I will not send more until I have to be detected by avast.

-----------------------------------------------------------------------

EDIT.:

This has not been detected yet by avast:

VirusTotal: 2/43

http://www.virustotal.com/file-scan/report.html?id=65a6508e8b43a54a17d5c20c49fbe20f68b12fe5517d1c5dfa41b0540bf64896-1286779262

Heuristic.BehavesLike.Win32.Suspicious.H (McAfee-GW-Edition)

MD5   : 6355177091f224eb970c365e4d06b269
SHA1  : 89361620e489c1876963c32e555afe7d58b9ca04
SHA256: 65a6508e8b43a54a17d5c20c49fbe20f68b12fe5517d1c5dfa41b0540bf64896

.
« Last Edit: October 13, 2010, 04:10:40 PM by Henrique - RJ »

m00nbl00d

  • Guest
Re: Samples missed by avast (VirusTotal links only!)
« Reply #96 on: October 13, 2010, 05:46:18 PM »
ROGUE

http://www.virustotal.com/file-scan/report.html?id=b542593a97bb9fa1e949e3daf4ec7ea22884295745ff2b93e48218bc3f2729e9-1286984588

MD5   : ae57cb81a246972e63378c956744291d
SHA1  : 0397683698f9bf209a883e7b1e7100ace35c0239
SHA256: b542593a97bb9fa1e949e3daf4ec7ea22884295745ff2b93e48218bc3f2729e9

TROJAN

http://www.virustotal.com/file-scan/report.html?id=9f7f7a40c51de30a9f2160b72865ac7323c0394de3dfce7b0e58e5de63eac756-1286985392

MD5   : e3f83a9d5591d149ea54fef696bcdad8
SHA1  : e02f0b4692fcf2bf595ef391c73b9f482adea09d
SHA256: 9f7f7a40c51de30a9f2160b72865ac7323c0394de3dfce7b0e58e5de63eac756

ROGUE

http://www.virustotal.com/file-scan/report.html?id=79bb43c75546db0bc1ad0cc27529198ab60980a151c82ac4eb5a416905645f9e-1286985963

MD5   : 29ef8c98b57185bcc4ff8c5c9c494da8
SHA1  : 6aecfe6a72be9f409f8b4144a458e3e45be6fee5
SHA256: 79bb43c75546db0bc1ad0cc27529198ab60980a151c82ac4eb5a416905645f9e

TROJAN/ZEUS

http://www.virustotal.com/file-scan/report.html?id=cef9cc3be07749b2472130560b793c4ed7642ec856d1104fa6b71ff8bad62a74-1286986116

MD5   : c59ef71540aa1735c31c3c3d9bb32958
SHA1  : 069f811b4c3d0b35d481fbc697580bfae7339070
SHA256: cef9cc3be07749b2472130560b793c4ed7642ec856d1104fa6b71ff8bad62a74
« Last Edit: October 13, 2010, 06:10:21 PM by m00nbl00d »

m00nbl00d

  • Guest
Re: Samples missed by avast (VirusTotal links only!)
« Reply #97 on: October 13, 2010, 06:13:16 PM »
ROGUE

http://www.virustotal.com/file-scan/report.html?id=50880380b9a2a368c0460a580895041b7f32c468efbd1bd08ce300c926ea6cd0-1286986285

MD5   : bdb6615f4a274bfd159436148fdbe1c7
SHA1  : a70441c652e6e43cac7e2ac513834fb36d0574ba
SHA256: 50880380b9a2a368c0460a580895041b7f32c468efbd1bd08ce300c926ea6cd0

TROJAN/ZEUS

http://www.virustotal.com/file-scan/report.html?id=6319188830903712b4296b6e9c6ece7e53a1232035786d0f218c340c78332b93-1286986548

MD5   : ace6aec48663a0179af2e60cceb2ebb4
SHA1  : 733f7be9011302f17d9cae440056754d5301dd1f
SHA256: 6319188830903712b4296b6e9c6ece7e53a1232035786d0f218c340c78332b93
« Last Edit: October 13, 2010, 06:17:22 PM by m00nbl00d »

Henrique - RJ

  • Guest
Re: Samples missed by avast (VirusTotal links only!)
« Reply #98 on: October 14, 2010, 08:04:01 AM »
VirusTotal: 22/42

http://www.virustotal.com/file-scan/report.html?id=aba7f0ddd813cf99259c753f5a149098289760097df9de7ee01cebd74d31009d-1287036007

TR/Crypt.CFI.Gen (Avira)

MD5   : 37e1eaf4cd3f80e9618942e0708a16e1
SHA1  : 32c06264c68a800a3b2e3ad2ffb9935e73f31ece
SHA256: aba7f0ddd813cf99259c753f5a149098289760097df9de7ee01cebd74d31009d
ssdeep: 6144:WdPTN03baw5APiU/twz4+skBXShTdYREeycaekOLtOK7LSEIRkCAsuuzps5u6rnJ:WNTN0
3NU2KOMWVaekXK7L8y9I6db
File size : 347136 bytes
First seen: 2010-10-14 06:00:07
Last seen : 2010-10-14 06:00:07

----------------------------------------------------------------------------

VirusTotal: 6/42

http://www.virustotal.com/file-scan/report.html?id=65a6508e8b43a54a17d5c20c49fbe20f68b12fe5517d1c5dfa41b0540bf64896-1287047835

Delf.TTZ (AVG)

MD5   : 6355177091f224eb970c365e4d06b269
SHA1  : 89361620e489c1876963c32e555afe7d58b9ca04
SHA256: 65a6508e8b43a54a17d5c20c49fbe20f68b12fe5517d1c5dfa41b0540bf64896
ssdeep: 12288:tUmTk8F0KhaR2s68HbHyD1PzLqkRp+fg2b:xQ8fsv2PSwpH2
File size : 527360 bytes
First seen: 2010-10-10 17:59:33
Last seen : 2010-10-14 09:17:15

------------------------------------------------------------

VirusTotal: 20/42

http://www.virustotal.com/file-scan/report.html?id=bed57775dc2f9870c11671906f6cdddbe20983efe269830bbb488dadf4aae5f4-1287049482

TR/VB.Downloader.Gen (Avira)

MD5   : c799242d0c38bd81b965bfd119ca47c3
SHA1  : e71a8e46fa74811288c6237320c9758b851bcb69
SHA256: bed57775dc2f9870c11671906f6cdddbe20983efe269830bbb488dadf4aae5f4
ssdeep: 768:OuSPC8w03SCUSDZArU83z555o3kVZ6+XNZXRuvCfJ4lcdfbIDX4U/rx:+00CzeZfII346+X
LXFr5bIhx
File size : 159744 bytes
First seen: 2010-10-14 09:44:42
Last seen : 2010-10-14 09:44:42
« Last Edit: October 14, 2010, 11:47:46 AM by Henrique - RJ »

m00nbl00d

  • Guest
Re: Samples missed by avast (VirusTotal links only!)
« Reply #99 on: October 14, 2010, 02:22:25 PM »
TROJAN/ZEUS

http://www.virustotal.com/file-scan/report.html?id=e521d9d4610d90067b50df211240e0c72bbecf266bfa9dd29f999f28e6030493-1287058668

MD5   : a94d8d952e071d5897fa6ef1539c6e59
SHA1  : b956f5ec6319470210532600e58663b7bd6e883f
SHA256: e521d9d4610d90067b50df211240e0c72bbecf266bfa9dd29f999f28e6030493

Offline Milos

  • Avast team
  • Super Poster
  • *
  • Posts: 2267
Re: Samples missed by avast (VirusTotal links only!)
« Reply #100 on: October 14, 2010, 02:31:20 PM »
Hello,
I think that the best way is to send the files to virus@avast.com with subject "Undetected malware".
This VT links on forum doesn't help us at all, you can include them to email body.

Milos

Offline Left123

  • There Is No Patch For Human Stupidity.
  • Avast Evangelist
  • Advanced Poster
  • ***
  • Posts: 1048
  • Proud Community Member&Helper.
« Last Edit: October 15, 2010, 01:25:21 PM by Left123 »
AMD Athlon(tm) X2 Dual-Core Processor 4200+ - 2.20 GHz,3,00 GB RAM -
Browser:Mozilla Firefox +WOT - SoftWare:CCleaner - Windows 7 32 bit
No Anti-Virus

Henrique - RJ

  • Guest
Re: Samples missed by avast (VirusTotal links only!)
« Reply #102 on: October 15, 2010, 04:12:41 AM »
VirusTotal: 20/43

http://www.virustotal.com/file-scan/report.html?id=832d7c815110ce43b58cdf66f7d6386bb249af0038152f3fa912ca61bef58cff-1287108590

TR/VB.Downloader.Gen (Avira)

MD5   : 21b4f22fb4f09ad1e70afb41684b5103
SHA1  : fefba4a9fa348f655db4b1f9a902c05484f44ae7
SHA256: 832d7c815110ce43b58cdf66f7d6386bb249af0038152f3fa912ca61bef58cff
ssdeep: 768:AuSZEjw03SCU63BET555IHY1ZZ+XjXQWIxVkguu:wV0Cz63O1oHkZ+XjXfgr
File size : 159744 bytes
First seen: 2010-10-15 02:09:50
Last seen : 2010-10-15 02:09:50

------------------------------------------------------------------------

VirusTotal: 21/43

http://www.virustotal.com/file-scan/report.html?id=cd5470605c564b8f7bca95e59eb9c15198d7935aa6fc5edb5de2bd58f5c61a8c-1287109607

TR/Dropper.Gen (Avira)

MD5   : ffb0f91b6f4baa70011a2b6615dcb0c9
SHA1  : aae7264e23e2bac578c7b4671fc7171a05432c58
SHA256: cd5470605c564b8f7bca95e59eb9c15198d7935aa6fc5edb5de2bd58f5c61a8c
ssdeep: 12288:3w4VrnE/2foyCqHFlznwl1YlZBCj/XRr7Y3hh:A4VrnMCoyRwl18Bm/Xkhh
File size : 414562 bytes
First seen: 2010-10-15 02:26:47
Last seen : 2010-10-15 02:26:47
« Last Edit: October 15, 2010, 04:29:20 AM by Henrique - RJ »

lastsamurai

  • Guest
Re: Samples missed by avast (VirusTotal links only!)
« Reply #103 on: October 15, 2010, 02:16:06 PM »
File name:
Avast AntiVirus 4.7.x keygen by-GCT.r00
Submission date:
2010-10-15 12:10:08 (UTC)
Current status:
finished
Result:
7/ 43 (16.3%)

Gen:Variant.Kazy.1653(BitDefender)

http://www.virustotal.com/file-scan/report.html?id=b97507708b29aaba8d99f70e5c74a1534e2dbc6d5ad661db0fa19effa8d56f87-1287144608

Offline DavidR

  • Avast √úberevangelist
  • Certainly Bot
  • *****
  • Posts: 86941
  • No support PMs thanks
Re: Samples missed by avast (VirusTotal links only!)
« Reply #104 on: October 15, 2010, 04:44:41 PM »
Why are you all not taking any notice of what a member of the avast virus labs is saying, this topic is pointless.

Hello,
I think that the best way is to send the files to virus@avast.com with subject "Undetected malware".
This VT links on forum doesn't help us at all, you can include them to email body.

Milos

So please do as is suggestive, send the samples to avast. So I guess the next step is in your hands send the samples and stop posting or I guess this topic will be closed too.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 22.9.6034 (build 22.9.7554.734) UI 1.0.728/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security