Jump to content

Qrt01Cb2D315D5E9D78.zip


Guest goodjohn1984

Recommended Posts

Guest goodjohn1984

This might be malware or is just a false positive.

 

qrt01cb2d315d5e9d78.zip

 

MD5...: 1a8cc40d7c605bcbcbff60c2410b5dfe

 

http://www.virustotal.com/analisis/f975c6a172a2708c398f35e5c03a7189c6e7f3756297dcfdefa9d0b24b788668-1280197029

 

http://camas.comodo.com/cgi-bin/submit?file=f975c6a172a2708c398f35e5c03a7189c6e7f3756297dcfdefa9d0b24b788668

 

http://www.virscan.org/report/65983c6a0821fe2b157d6ac894e57af2.html

 

 

Additional information

File size: 19744 bytes

MD5...: 1a8cc40d7c605bcbcbff60c2410b5dfe

SHA1..: 407a42d6c56c082b9ad68538583a2b9d0e16c205

SHA256: f975c6a172a2708c398f35e5c03a7189c6e7f3756297dcfdefa9d0b24b788668

ssdeep: 384:8XbHgWiNwxlodjTuByWO9zTZ2RxA24InY+UuF6s2u6Ak5YwttCsNoxoVKTrY

7:AbAWiNwx+ORO93cjA+BF6sP2pETrM

PEiD..: -

PEInfo: -

RDS...: NSRL Reference Data Set

-

pdfid.: -

trid..: ZIP compressed archive (100.0%)

packers (Kaspersky): PE-Crypt.XorPE

packers (F-Prot): XORCrypt

sigcheck:

publisher....: n/a

copyright....: n/a

product......: n/a

description..: n/a

original name: n/a

internal name: n/a

file version.: n/a

comments.....: n/a

signers......: -

signing date.: -

verified.....: Unsigned

Link to comment
Share on other sites

Guest orlando

This might be malware or is just a false positive.

 

qrt01cb2d315d5e9d78.zip

 

MD5...: 1a8cc40d7c605bcbcbff60c2410b5dfe

 

http://www.virustotal.com/analisis/f975c6a172a2708c398f35e5c03a7189c6e7f3756297dcfdefa9d0b24b788668-1280197029

 

http://camas.comodo.com/cgi-bin/submit?file=f975c6a172a2708c398f35e5c03a7189c6e7f3756297dcfdefa9d0b24b788668

 

http://www.virscan.org/report/65983c6a0821fe2b157d6ac894e57af2.html

 

 

Additional information

File size: 19744 bytes

MD5...: 1a8cc40d7c605bcbcbff60c2410b5dfe

SHA1..: 407a42d6c56c082b9ad68538583a2b9d0e16c205

SHA256: f975c6a172a2708c398f35e5c03a7189c6e7f3756297dcfdefa9d0b24b788668

ssdeep: 384:8XbHgWiNwxlodjTuByWO9zTZ2RxA24InY+UuF6s2u6Ak5YwttCsNoxoVKTrY

7:AbAWiNwx+ORO93cjA+BF6sP2pETrM

PEiD..: -

PEInfo: -

RDS...: NSRL Reference Data Set

-

pdfid.: -

trid..: ZIP compressed archive (100.0%)

packers (Kaspersky): PE-Crypt.XorPE

packers (F-Prot): XORCrypt

sigcheck:

publisher....: n/a

copyright....: n/a

product......: n/a

description..: n/a

original name: n/a

internal name: n/a

file version.: n/a

comments.....: n/a

signers......: -

signing date.: -

verified.....: Unsigned

 

Would be better to unzip and then send them for analysis, the results would be different. If one could know where these files arrive I could authenticate the reliability.

 

seem false positives.

 

Orlando

Link to comment
Share on other sites

Guest goodjohn1984

Would be better to unzip and then send them for analysis, the results would be different. If one could know where these files arrive I could authenticate the reliability.

 

seem false positives.

 

Orlando

 

Yeah, sometimes I do, but sometimes I zip them to avoid it being quarantined before I can submit them.

 

Thanks.

Link to comment
Share on other sites

Would be better to unzip and then send them for analysis, the results would be different. If one could know where these files arrive I could authenticate the reliability.

 

seem false positives.

 

Orlando

 

Some email services (GMAIL) will not allow a .exe attachement. If fact, won't even allow an exe .zipped. I had to rename ctv.exe to ctv.exe.foo and then zip it.

Link to comment
Share on other sites

Guest orlando

Some email services (GMAIL) will not allow a .exe attachement. If fact, won't even allow an exe .zipped. I had to rename ctv.exe to ctv.exe.foo and then zip it.

 

I mean as if there's toal virus files directly. Antivirus works better with .exe files.

 

Orlando

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...