Also see: http://threatcenter.crdf.fr/?More&ID=112472&D=CRDF.Trojan.Trojan.Win32.StartPage2100307960 & http://anubis.iseclab.org/?action=result&task_id=1c7b521468c958ca46159be0fe4bd35e6 nothing here: https://www.virustotal.com/nl/file/715ae7db06b5b91d3909fbc52cc91e14d6c09a1c6051c2f14aceeece83f90161/analysis/ and for this: https://www.virustotal.com/nl/file/715ae7db06b5b91d3909fbc52cc91e14d6c09a1c6051c2f14aceeece83f90161/analysis/ part of Win7 recovery… But on this threat and the fine tuned snort IDS alerts, read this from Richard Bejtlich’s blog: http://taosecurity.blogspot.nl/2013/02/recovering-from-suricata-gone-wild.html
polonus