Pondus
4
Norman lab say infected
PC-S__EPSON_SX100-105_and_S21_Ink_Waste_Resetter__SKE_.exe : Processed - Smalltroj.ZOLI
As per the analysis, Some malicious activities are found in the file. Such as,
- Changing the firewall policy
- Creating the selfcopy of file as hidden in “Application Data” directory.
- Creating another self-copy with the name of “winlogon.exe”.
4 Creating multiple entry to run the same file at startup.
5 Performing malicious network activity may permit unauthorized access to data or may compromise the confidentiality.
also detected by Malwarebytes - Trojan.MSIL.Gen
will upload to avast! and SAS 