avast! one of the few to detect Win32:Elderado-B [Trj] here!

see: https://www.virustotal.com/nl/url/0f01f7f562862721a9671a7c8da476c02def26d7ff6712d3debfbb8fb1ae2c71/analysis/1412698647/
and
https://www.virustotal.com/nl/file/2e29c60275f0d21724bc44337bb4db1590031b7b43b149133c424db9583bc234/analysis/1411962079/
100/100% malicious confirmed: http://zulu.zscaler.com/submission/show/9483d6ce608be4c99cdec992a7b4bca3-1412700730

See code anomalies: http://jsunpack.jeek.org/?report=8520886a29596e92b59d6ed934d2afe8311e1b32
Open link with NoScript active and inside a VM - for security researchers only.

Malware downloads detected: http://app.webinspector.com/public/reports/25824330

Links to malware files detected:
Link to Malware File. Found by Antivirus Engine.
SHA1: 5ebb94e52c2a0132ff21901dcea4ccd81a279158
https://www.virustotal.com/nl/file/2e29c60275f0d21724bc44337bb4db1590031b7b43b149133c424db9583bc234/analysis/
Also found on virussign.

polonus

always check with a fresh scan, your file scan was 1 week old :wink:

that said, one week later only TrendMicro have followed the others ???
https://www.virustotal.com/nb/file/2e29c60275f0d21724bc44337bb4db1590031b7b43b149133c424db9583bc234/analysis/1412702865/

Hi Pondus,

In that case I am not very impressed by that week’s progress ;D.
Still avast! one of the few there. Just count how many users on other av solutions could be targeted as sitting ducks.
And I am still wondering why Norman stays in the same class as avast! does? :smiley:
You have any clue? :wink:

hej hej,

polonus

And I am still wondering why Norman stays in the same class as avast! does? :D You have any clue? ;)
Hmmm ...... could be my fault ;)