Posted 23 November 2012 - 02:18 PM
hi ritchie58
I want to talk about the following things
1.This sample in 4 days ago submitted to clamav team and submit to submit@samples.immunet.com, also sent to support@immunet.com, currently determine clamav can detect, but immunet free can not be detected.
clamav: Win.Trojan.PSW.Qqpass
Virustotal, anubis, threatexpert and avira scan results
anubis:http://anubis.iseclab.org/?action=result&task_id=16e0de2e2fee9b4b4b59314c015712f76&format=html
avira:https://analysis.avira.com/en/status?uniqueid=rHMwC7CVR5Hj9x7VgDGbL89BGD4wpURD&incidentid=1321331
threatexpert:http://www.threatexpert.com/report.aspx?md5=f464888e2c71e8889d5b0917d854f607
virustotal:https://www.virustotal.com/file/21095a4a6931a8309121b05d0119db1e3ed95cb6f01ddb76b41b22655b5c5986/analysis/1353679889/
2 .sample is by the normal EXE files and malicious DLL file a zip file, he caused fortinet For the first time analysis of the samples determined to be clean, but I please fortinet re-analysis DLL file ,before deciding is a Trojan.
3. Notification immunet team determine the samples to an automated system can determine the analysis this sample.
4.Please inform my analysis results.
English is poor, so use google translate, translation is not good, please forgive