VS0608002 Possible new malware [Banker?]
Data on a sample of a suspected new malware being spread via a link
in an e-mail.
This was caught by my Bayesian Filter.
I have included data on a sample downloaded from the link for your information and analysis .
1 copy has been trapped so far.
I haven’t had a chance to test it on a goat system yet.
============================================================
Details:
FileName: fotos.shs
FileDateTime: 27/08/2006 12:56:44
Filesize: 250368
MD5: ab159c80a805c2f4186044c2e1da17f4
CRC32: E732C669
File Type: Microsoft Word Document
============================================================
Scan report of: fotos.shs
@Proventia-VPS Malicious (Cancelled)
AntiVir -
Avast! -
AVG -
BitDefender Generic.Banker.VB.9534C67F
ClamAV -
Command -
Dr Web BackDoor.Generic.1408
eSafe SuspiciousScrapFile
eTrust-INO -
eTrust-INO (BETA) -
eTrust-VET -
eTrust-VET (BETA) -
Ewido -
F-Prot -
F-Secure -
F-Secure (BETA) -
Fortinet -
Fortinet (BETA) -
Ikarus -
Kaspersky -
McAfee -
McAfee (BETA) -
Microsoft -
Nod32 -
Norman -
Panda -
Panda (BETA) -
QuickHeal Suspicious (warning)
Sophos -
Symantec -
Symantec (BETA) -
Trend Micro -
Trend Micro (BETA) -
UNA -
VBA32 BackDoor.Generic.1408
VirusBuster -
WebWasher Heuristic.Malware.FKM
YY_Spybot -
============================================================
Please note that this blog has now moved to my own hosted domain here: http://momusings.com/vsub/.
A full RSS/ATOM feed can be found there.
All the data up to the end of December 2006 will be left here, however all postings from the 1st of January 2007 onwards will only be available at this blogs new home.
ALL future postings will only be available at the new site.
