avast! miss detection of Zeus v3

Note: Not only avast!, also many others

Only: 5/41

https://www.virustotal.com/analisis/ff1c48348b323c90dae8859685ea8a8e3b79601c30f66a85dece28b85e508909-1273290679

By Natalia Ilina at Malware Domain List

2010/06/08_09:33
pausestorm.com/esp/load/myexebr.exe - Zeus v3 [trojan]

196.221.67.78
Natalia Ilina (threw@freenetbox.ru) 24835

another undetected worm by avast!:

http://www.virustotal.com/analisis/34dde8cc54f1d035236117f28319192252ee232eed8ddab48a63d40017adae45-1276031237

One more:

http://www.virustotal.com/analisis/bc322b072246e7810627110b41af2b9e679e612be2ca302302c7b2a656342212-1276034787

The files already submitted to avast lab

Hi LLanziel,
The example you came up with in the first posting of the thread:
http://www.malwaredomainlist.com/mdl.php?inactive=&sort=Description&search=pausestorm.com&colsearch=All&ascordesc=DESC&quantity=100&page=0

Here is a list of malware domains hosting Zeus v3:
2010/06/09_15:00 campinglavall.net/img/soso.jpg 62.193.209.39 vds-873329.amen-pro.com. zeus v3 trojan Plana Rovira S.L. / 28677 Not detected anywhere else…San with URLVoid gives all clean…
but detected here as well: http://support.clean-mx.de/clean-mx/viruses?id=597634 (do not click anything there!)
2010/06/09_15:00 llessui.com/imagenes/flash.bin 91.121.152.148 host.computerwealthy.es. zeus v3 config file Computer Wealthy, S.L. / 16276
2010/06/09_15:00 caseva.es/images/totalff.jpg 89.207.232.14 mercurio.dominiodns.com. zeus v3 trojan - 41287
2010/06/09_15:00 loteriahadamadrina.com/imagenes/flash.bin 87.106.81.67 s15331284.onlinehome-server.info. zeus v3 config file Gravitynet E-Solutions, S.L.U. (SROW-373360) / registrosATgravitynet.es 8560
2010/06/09_15:00 tributem.com/latbuena_11.jpg 81.169.145.148 w94.rzone.de. zeus v3 trojan Jose Manuel Reguera Silva / josemaregueraAThotmail.com 6724
2010/06/09_15:00 tributem.com/latbuena_15.jpg 81.169.145.148 w94.rzone.de. zeus v3 trojan Jose Manuel Reguera Silva / josemaregueraAThotmail.com 6724
2010/06/09_15:00 barriolamc.com/inc/flash.bin 89.207.232.20 servidor4.dominiodns.com. zeus v3 config file Computer Wealthy, S.L. / 41287
2010/06/09_15:00 caseva.es/images/totalimg.jpg 89.207.232.14 mercurio.dominiodns.com. zeus v3 trojan - 41287
2010/06/09_15:00 municipalidadlagoranco.cl/images/banners/cocaine.jpg 66.7.198.88 server2.dns-principal-2.com. zeus v3 trojan - 33182
2010/06/09_15:00 campinglavall.net/img/packmen.jpg 62.193.209.39 vds-873329.amen-pro.com. zeus v3 trojan Plana Rovira S.L. / 28677
2010/06/09_15:00 municipalidadlagoranco.cl/images/banners/samo.jpg 66.7.198.88 server2.dns-principal-2.com. zeus v3 trojan - 33182
2010/06/09_15:00 cooperaccio.org/img/flash.bin 217.76.130.89 llgf010.servidoresdns.net. zeus v3 config file David Pruja / infoATcooperaccio.org 20718

Just a small sample of sites collected,

polonus