Win32/themida

Win32/Themida malware trojan detection virus

3 replies to this topic

#1 ivpe6

    Newbie

  • Members
  • 2 posts

Posted 08 April 2014 - 10:23 PM

Hello

There are malware files which are downloadable from www.4shared.com

File mp3.download_2014 glitter and gold - rebecca ferguson( somlivre2014 )_mp3_.zip which was downloaded from XXXXXXXXXXXXXXXXXXXXXX is a malware.

Analysis

https://www.virustot...sis/1396993428/

Antivirus           Result                            Update
AVG                 Win32/Themida                     20140408
Ad-Aware            Trojan.Packed.Libix.Gen.9         20140408
AntiVir             TR/Crypt.TPM.Gen                  20140408
Baidu-International Trojan.Win32.Generic.alXg         20140408
BitDefender         Trojan.Packed.Libix.Gen.9         20140408
Bkav                W32.HfsAutoB.30cc                 20140408
CMC                 Packed.Win32.Black!O              20140408
Comodo              Packed.Win32..Black.~A            20140408
DrWeb               Trojan.Packed.650                 20140408
ESET-NOD32          Win32/Packed.Themida.AAG          20140408
Emsisoft            Trojan.Packed.Libix.Gen.9 (       20140408
F-Prot              W32/Themida_Packed!Eldorado       20140408
F-Secure            Trojan.Packed.Libix.Gen.9         20140408
GData               Trojan.Packed.Libix.Gen.9         20140408
Ikarus              Packed.Win32.Themida              20140408
Jiangmin            Packed.Black.Gen.a                20140408
K7AntiVirus         Trojan ( 002e1e5b1 )              20140408
K7GW                Trojan ( 002e1e5b1 )              20140408
Kaspersky           HEUR:Trojan.Win32.Generic         20140408
Malwarebytes        Malware.Packer.T                  20140408
McAfee-GW-Edition   Heuristic.LooksLike.Win32.EPO.N   20140408
MicroWorld-eScan    Trojan.Packed.Libix.Gen.9         20140408
Microsoft           VirTool:Win32/Obfuscator.XX       20140408
Panda               Trj/Thed.A                        20140408
Sophos              Mal/Behav-374                     20140408
TheHacker           W32/Behav-Heuristic-064           20140408

Please send malware file to lab

Edited by ritchie58, 08 April 2014 - 11:37 PM.
Removed URL for other forum member's security.


#2 ritchie58

    Staff Member

  • Moderators
  • 1,891 posts
  • Location: Oil City, Pa. U.S.A.

Posted 08 April 2014 - 11:44 PM

Hi ivpe6, thanks for the heads up on this malicious link! It would be best, I think, if you submitted this information directly via email to Support at support@immunet.com. I did delete the URL link for the safety of other forum members but I do urge you to submit that to Support. Also mention that you did post a topic in the Malware Detections section of the forum regarding this issue in your email.

Cheers, Ritchie...

* Immunet Global Forum Moderator *


#3 rsmith

    Sourcefire Administrator

  • Administrators
  • 16 posts

Posted 10 April 2014 - 04:32 PM

Hey ivpe6, Ritchie,

Even better would be to send this directly to our Immunet Virus Submission. On our Contact Us page there is a drop down menu bar about half way down (defaults to "Register for our newsletter") and one of the options is "Submit a virus" (and "Submit a false positive" if you need it). This will send the file directly to the people that will look at it and they will flag it as malicious. The support email is more of a middle man in this situation as we forward these on after looking at them.

Feel free to send it to support@immunet.com if you would like. This is more of a For Your Information tip! :)


Regards,

- Reg

#4 ritchie58

    Staff Member

  • Moderators
  • 1,891 posts
  • Location: Oil City, Pa. U.S.A.

Posted 10 April 2014 - 11:02 PM

Hi Reg, I would have suggested using the Contact Us page but the last several times I tried it I got an error message while attempting to submit a False Positive (please view this link). http://forum.immunet...-error-message/ Jose is aware of this and said he's looking into the situation but I haven't heard back from him regarding this. That's why I was reluctant to suggest that avenue.

BTW, if you scroll down to my newest thread in that linked topic I got several detections with SPERO while attempting to update/install TDSSKiller again. This issue has not been fixed. (Not sure if anyone has read it yet. Sorry for going off topic but that's the reason.)

Best wishes, Ritchie...

* Immunet Global Forum Moderator *
