chen Posted November 23, 2012 Report Share Posted November 23, 2012 virus sample password:virus immunet free Cannot detected Link to comment Share on other sites More sharing options...
ritchie58 Posted November 23, 2012 Report Share Posted November 23, 2012 Hi ryuusei, as much as we very much apreciate your efforts at submitting new samples to us I will inform you once again that to add malware to your posts is not the best thing to do for the security of other forum members. Could please resubmit yor sample and any future samples to support @ immunet.com via email or directly to the Clam AV team at this link http://cgi.clamav.net/sendvirus.cgi. There seems to be a problem connecting to the server using submit@samples.immunet.com at the moment. Thank you, Ritchie... Link to comment Share on other sites More sharing options...
chen Posted November 23, 2012 Author Report Share Posted November 23, 2012 hi ritchie58 I want to talk about the following things 1.This sample in 4 days ago submitted to clamav team and submit to submit@samples.immunet.com, also sent to support@immunet.com, currently determine clamav can detect, but immunet free can not be detected. clamav: Win.Trojan.PSW.Qqpass Virustotal, anubis, threatexpert and avira scan results anubis:http://anubis.iseclab.org/?action=result&task_id=16e0de2e2fee9b4b4b59314c015712f76&format=html avira:https://analysis.avira.com/en/status?uniqueid=rHMwC7CVR5Hj9x7VgDGbL89BGD4wpURD&incidentid=1321331 threatexpert:http://www.threatexpert.com/report.aspx?md5=f464888e2c71e8889d5b0917d854f607 virustotal:https://www.virustotal.com/file/21095a4a6931a8309121b05d0119db1e3ed95cb6f01ddb76b41b22655b5c5986/analysis/1353679889/ 2 .sample is by the normal EXE files and malicious DLL file a zip file, he caused fortinet For the first time analysis of the samples determined to be clean, but I please fortinet re-analysis DLL file ,before deciding is a Trojan. 3. Notification immunet team determine the samples to an automated system can determine the analysis this sample. 4.Please inform my analysis results. English is poor, so use google translate, translation is not good, please forgive Link to comment Share on other sites More sharing options...
ritchie58 Posted November 23, 2012 Report Share Posted November 23, 2012 Usually samples are looked at within 24 to 48 hours after submission if not sooner. If a situation occurs where any AV company is swamped with new virus samples it can, on occasion, take a little more time to anylize what is a false positive and what is genuine malware that needs to be convicted. Thanks for the clarification and heads up on that ryuusei. It does appear that it is genuine malware by Virustotal as numerious AV's have flagged it and needs to be as yet convicted by Immunet. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.