Guest goodjohn1984 Posted July 27, 2010 Report Share Posted July 27, 2010 This might be malware or is just a false positive. qrt01cb2d315d5e9d78.zip MD5...: 1a8cc40d7c605bcbcbff60c2410b5dfe http://www.virustotal.com/analisis/f975c6a172a2708c398f35e5c03a7189c6e7f3756297dcfdefa9d0b24b788668-1280197029 http://camas.comodo.com/cgi-bin/submit?file=f975c6a172a2708c398f35e5c03a7189c6e7f3756297dcfdefa9d0b24b788668 http://www.virscan.org/report/65983c6a0821fe2b157d6ac894e57af2.html Additional information File size: 19744 bytes MD5...: 1a8cc40d7c605bcbcbff60c2410b5dfe SHA1..: 407a42d6c56c082b9ad68538583a2b9d0e16c205 SHA256: f975c6a172a2708c398f35e5c03a7189c6e7f3756297dcfdefa9d0b24b788668 ssdeep: 384:8XbHgWiNwxlodjTuByWO9zTZ2RxA24InY+UuF6s2u6Ak5YwttCsNoxoVKTrY 7:AbAWiNwx+ORO93cjA+BF6sP2pETrM PEiD..: - PEInfo: - RDS...: NSRL Reference Data Set - pdfid.: - trid..: ZIP compressed archive (100.0%) packers (Kaspersky): PE-Crypt.XorPE packers (F-Prot): XORCrypt sigcheck: publisher....: n/a copyright....: n/a product......: n/a description..: n/a original name: n/a internal name: n/a file version.: n/a comments.....: n/a signers......: - signing date.: - verified.....: Unsigned Link to comment Share on other sites More sharing options...
Guest orlando Posted July 27, 2010 Report Share Posted July 27, 2010 This might be malware or is just a false positive. qrt01cb2d315d5e9d78.zip MD5...: 1a8cc40d7c605bcbcbff60c2410b5dfe http://www.virustotal.com/analisis/f975c6a172a2708c398f35e5c03a7189c6e7f3756297dcfdefa9d0b24b788668-1280197029 http://camas.comodo.com/cgi-bin/submit?file=f975c6a172a2708c398f35e5c03a7189c6e7f3756297dcfdefa9d0b24b788668 http://www.virscan.org/report/65983c6a0821fe2b157d6ac894e57af2.html Additional information File size: 19744 bytes MD5...: 1a8cc40d7c605bcbcbff60c2410b5dfe SHA1..: 407a42d6c56c082b9ad68538583a2b9d0e16c205 SHA256: f975c6a172a2708c398f35e5c03a7189c6e7f3756297dcfdefa9d0b24b788668 ssdeep: 384:8XbHgWiNwxlodjTuByWO9zTZ2RxA24InY+UuF6s2u6Ak5YwttCsNoxoVKTrY 7:AbAWiNwx+ORO93cjA+BF6sP2pETrM PEiD..: - PEInfo: - RDS...: NSRL Reference Data Set - pdfid.: - trid..: ZIP compressed archive (100.0%) packers (Kaspersky): PE-Crypt.XorPE packers (F-Prot): XORCrypt sigcheck: publisher....: n/a copyright....: n/a product......: n/a description..: n/a original name: n/a internal name: n/a file version.: n/a comments.....: n/a signers......: - signing date.: - verified.....: Unsigned Would be better to unzip and then send them for analysis, the results would be different. If one could know where these files arrive I could authenticate the reliability. seem false positives. Orlando Link to comment Share on other sites More sharing options...
Guest goodjohn1984 Posted July 27, 2010 Report Share Posted July 27, 2010 Would be better to unzip and then send them for analysis, the results would be different. If one could know where these files arrive I could authenticate the reliability. seem false positives. Orlando Yeah, sometimes I do, but sometimes I zip them to avoid it being quarantined before I can submit them. Thanks. Link to comment Share on other sites More sharing options...
WacoJohn Posted July 27, 2010 Report Share Posted July 27, 2010 Would be better to unzip and then send them for analysis, the results would be different. If one could know where these files arrive I could authenticate the reliability. seem false positives. Orlando Some email services (GMAIL) will not allow a .exe attachement. If fact, won't even allow an exe .zipped. I had to rename ctv.exe to ctv.exe.foo and then zip it. Link to comment Share on other sites More sharing options...
Guest orlando Posted July 28, 2010 Report Share Posted July 28, 2010 Some email services (GMAIL) will not allow a .exe attachement. If fact, won't even allow an exe .zipped. I had to rename ctv.exe to ctv.exe.foo and then zip it. I mean as if there's toal virus files directly. Antivirus works better with .exe files. Orlando Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.