Author Topic: Samples missed by avast (VirusTotal links only!)  (Read 373729 times)

0 Members and 1 Guest are viewing this topic.

Offline kyuuketsuki_kurai

  • Jr. Member
  • **
  • Posts: 88
Re: Samples missed by avast (VirusTotal links only!)
« Reply #705 on: May 11, 2012, 02:50:12 PM »
Sent in an obvious phishing e-mail.
Came as file, not a link. Should really be picked up, if possible.
https://www.virustotal.com/file/0243b059675aa4853cb1ec73ff1e0407509713307bec8415cdd70c167538adb9/
Only Sophos detects it as Mal/Phish-A
Alienware 17, Windows 10, Intel Core i7-4700MQ, 8GB RAM, Avast 19.2, Chrome 72.0 64-bit

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33528
  • malware fighter
Re: Samples missed by avast (VirusTotal links only!)
« Reply #706 on: May 13, 2012, 01:03:34 AM »
Attack log reported to virus AT avast dot com: htxps://www.virustotal.com/file/58f30f9cd84db12c798b8a5f2b562dae257ec8fb834343bbbae0ca416f8c8e8a/analysis/1336351748/
see: hxtp://sakrare.ikyon.se/log.php?id=38752 (log report) typically found for a Blackhole attack as Trojan/Script.Gen, Mal/Iframe-W, JS/Exploit-Blacole.l,

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33528
  • malware fighter
Re: Samples missed by avast (VirusTotal links only!)
« Reply #707 on: May 13, 2012, 06:53:34 PM »
see: hxtp://zulu.zscaler.com/submission/show/be820963ec680424e249fe3e3526fa21-1336927485
and htxp://vscan.urlvoid.com/analysis/26aab2dcab242492e53be0256e4c7d1c/aW5kZXg=/  HTML/Infected.WebPage.Gen2 aka  Trojan.JS.Iframe.BDQ
not detected and reported to virus AT avast dot com,

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

true indian

  • Guest
Re: Samples missed by avast (VirusTotal links only!)
« Reply #708 on: May 14, 2012, 12:32:30 PM »
Not detected here: https://www.virustotal.com/file/3635144a0bbf5cf99087114adcc03782f2c958534d2a823aaa68fa357ce09153/analysis/1336989764/

Trojan-FakeAV.Win32.SecurityShield.bfa


reported to avast!  ;)

true indian

  • Guest
Re: Samples missed by avast (VirusTotal links only!)
« Reply #709 on: May 14, 2012, 12:36:22 PM »
Trojan.FakeSysDef. Rogue Data Recovery

http://r.virscan.org/report/e2bd222bd7cb781c511fde03b661aaf7.html

reported for analysis  ;)


Fake scan URL [Will not post it here] [Found in my e-mail Junk]

reported to avast
« Last Edit: May 14, 2012, 12:40:14 PM by true indian »

true indian

  • Guest
Re: Samples missed by avast (VirusTotal links only!)
« Reply #710 on: May 14, 2012, 12:47:05 PM »

true indian

  • Guest
Re: Samples missed by avast (VirusTotal links only!)
« Reply #711 on: May 14, 2012, 01:09:02 PM »

true indian

  • Guest
« Last Edit: May 14, 2012, 01:37:56 PM by true indian »

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33528
  • malware fighter
Re: Samples missed by avast (VirusTotal links only!)
« Reply #713 on: May 14, 2012, 10:47:20 PM »
Not detected: htxps://www.virustotal.com/file/0fc8b26edb1f20c4e9048b9e49322475a6c67017d8496d25e50e63add10443be/analysis/
see: htxp://zulu.zscaler.com/submission/show/b9c0b18ba77ccc2f4f65e6f8d1c3eb87-1337028150

reported to virus AT avast dot com,

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

true indian

  • Guest

true indian

  • Guest
Re: Samples missed by avast (VirusTotal links only!)
« Reply #715 on: May 16, 2012, 09:48:03 AM »
- Detected BlackHole exploit kit HTTP GET request
- Detected Live BlackHole exploit kit

http://urlquery.net/report.php?id=54555

http://zulu.zscaler.com/submission/show/57563010e557ca01c429eeefa48933af-1337158962

Detection missed by avast! so sent to virus lab.   ;)



Ransom GEMA - German
https://www.virustotal.com/file/911740ab567a7ac3ea3b68d64b21fc4205a24775119a5559b497e592ef5890ec/analysis/

sent to avast!
« Last Edit: May 16, 2012, 11:03:35 AM by true indian »

true indian

  • Guest

true indian

  • Guest

true indian

  • Guest

true indian

  • Guest