Author Topic: Samples missed by avast (VirusTotal links only!)  (Read 374046 times)

0 Members and 1 Guest are viewing this topic.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33533
  • malware fighter
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33533
  • malware fighter
« Last Edit: January 03, 2012, 06:37:20 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline JuninhoSlo

  • Avast Evangelist
  • Advanced Poster
  • ***
  • Posts: 849


Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33533
  • malware fighter
Re: Samples missed by avast (VirusTotal links only!)
« Reply #589 on: January 03, 2012, 10:08:27 PM »
Hi avastfan18,

It is a fake av ransom trojan, so a real threat. Dit you forward this to virus AT avast dot com?

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76118
  • Urlaub/Vacation
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: Samples missed by avast (VirusTotal links only!)
« Reply #590 on: January 03, 2012, 10:11:41 PM »
Hi avastfan18,
It is a fake av ransom trojan, so a real threat. Dit you forward this to virus AT avast dot com?
polonus

Hopefully JuninhoSlo already did send it. ;)
W8.1 [x64] - Avast PremSec 22.7.7366.BC [UI.713] - Firefox ESR 91.11 [NS/uBO/PB] - Thunderbird 91.11
Avast-Tools: Secure Browser 103.0 - Cleanup 22.2 - SecureLine 5.18 - DriverUpdater 22.2 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline JuninhoSlo

  • Avast Evangelist
  • Advanced Poster
  • ***
  • Posts: 849
Re: Samples missed by avast (VirusTotal links only!)
« Reply #591 on: January 03, 2012, 10:21:48 PM »
Hi avastfan18,
It is a fake av ransom trojan, so a real threat. Dit you forward this to virus AT avast dot com?
polonus

Hopefully JuninhoSlo already did send it. ;)

I sent UD malware -via:

-email
-chest
-http://www.avast.com/contacts

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33533
  • malware fighter
Re: Samples missed by avast (VirusTotal links only!)
« Reply #592 on: January 03, 2012, 10:22:50 PM »
Hi JuninhoSlo,

Thanks for adding to avast detection,

pol
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline JuninhoSlo

  • Avast Evangelist
  • Advanced Poster
  • ***
  • Posts: 849
Re: Samples missed by avast (VirusTotal links only!)
« Reply #593 on: January 04, 2012, 06:52:43 PM »
Hi JuninhoSlo,

Thanks for adding to avast detection,

pol

Any time ;)

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33533
  • malware fighter
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33533
  • malware fighter
« Last Edit: January 06, 2012, 02:05:02 AM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!



Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33533
  • malware fighter
Re: Samples missed by avast (VirusTotal links only!)
« Reply #598 on: January 06, 2012, 10:01:12 PM »
See: https://new.virustotal.com/url/204247e99fbb5985046cce37b742b2433794c68cd9e4ff876a48887f8cab9391/analysis/1325883253/
and
http://vscan.urlvoid.com/analysis/7139ee9bad5b095c589c316ec27de84a/YWdlbmRhLWV4ZQ==/
See: https://new.virustotal.com/file/e4abc9d2a62fd7775738f6b36931ea14ab4b29bca2e6394f338f9508757deb63/analysis/
See: -http://jsunpack.jeek.org/?report=043e665c96f3f6945e7b09f61cc25f1649ee6b85
Visit above link only when security savvy, with ample script protection and in a VM,

reported to virus AT avast dot com,

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33533
  • malware fighter
Re: Samples missed by avast (VirusTotal links only!)
« Reply #599 on: January 06, 2012, 11:27:05 PM »
Not detected by avast, TR/Spy.Banker.53248.13, should be detected as Win32:Malware-gen, see:
http://vscan.urlvoid.com/analysis/376702393caa1d8f6800b5bf7125765d/YXNzaXN0aXItYW9zLXZpZGVvcy1pZHMtMDAwMTIw/
See: https://new.virustotal.com/url/95ada4f72abcb65054e5241dec30309e07e8072ed3c9b9a0a8ff3c32b25320de/analysis/1325888647/
DrWeb URL checker flags: Checking: -http://198.106.204.222/view/videos/downloads/Assistir_AoS_Videos=iDs=00012012_.exe
Engine version: 7.0.0.11250
Total virus-finding records: 2511482
File size: 52.00 KB
File MD5: 376702393caa1d8f6800b5bf7125765d

-http://198.106.204.222/view/videos/downloads/Assistir_AoS_Videos=iDs=00012012_.exe infected with Trojan.DownLoader5.31000
and in this case avast does detect: http://www.virustotal.com/file-scan/report.html?id=142e69c070aa3d418a1f8fdcb121ec6aaf2c1b19572dcb7f7ba25bdbd45b5a0e-1325886727
as: Win32:Malware-gen

polonus
« Last Edit: January 06, 2012, 11:29:59 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!