chen

Virus Sample


virus sample

password:virus

Immunet Free cannot detect it

Edited by ritchie58
Malware sample zip file removed.

Hi ryuusei, as much as we very much appreciate your efforts at submitting new samples to us, I will inform you once again that adding malware to your posts is not the best thing to do for the security of other forum members. Could you please resubmit your sample and any future samples to support @ immunet.com via email or directly to the Clam AV team at this link: http://cgi.clamav.net/sendvirus.cgi. There seems to be a problem connecting to the server using submit@samples.immunet.com at the moment. Thank you, Ritchie...


Hi ritchie58,

I want to talk about the following things:

1. This sample was submitted 4 days ago to the ClamAV team and to submit@samples.immunet.com, and was also sent to support@immunet.com. Currently ClamAV can detect it, but Immunet Free cannot detect it.

clamav: Win.Trojan.PSW.Qqpass

Virustotal, anubis, threatexpert and avira scan results

anubis: http://anubis.iseclab.org/?action=result&task_id=16e0de2e2fee9b4b4b59314c015712f76&format=html

avira: https://analysis.avira.com/en/status?uniqueid=rHMwC7CVR5Hj9x7VgDGbL89BGD4wpURD&incidentid=1321331

threatexpert: http://www.threatexpert.com/report.aspx?md5=f464888e2c71e8889d5b0917d854f607

virustotal: https://www.virustotal.com/file/21095a4a6931a8309121b05d0119db1e3ed95cb6f01ddb76b41b22655b5c5986/analysis/1353679889/

2. The sample is a zip file of a normal EXE file and a malicious DLL file. It caused Fortinet, in its first analysis of the sample, to determine it to be clean, but I asked Fortinet to re-analyze the DLL file, before deciding it is a Trojan.

3. Notification immunet team determine the samples to an automated system can determine the analysis this sample.

4. Please inform me of the analysis results.

My English is poor, so I use Google Translate; the translation is not good, please forgive me.


Usually samples are looked at within 24 to 48 hours after submission, if not sooner. If a situation occurs where any AV company is swamped with new virus samples, it can, on occasion, take a little more time to analyze what is a false positive and what is genuine malware that needs to be convicted. Thanks for the clarification and heads up on that, ryuusei. It does appear that it is genuine malware by Virustotal, as numerous AVs have flagged it, and needs to be as yet convicted by Immunet.

