polonus
1
This file is downloading some weird software. (Screenshot)
I ran it in the VM I used for the Brontok Worm.
polonus
3
Hi Steven Winderlich,
Well understandable and for you this seems so, as this is Chinese malcode and I think it can be classified as a fraud tool, see:
http://www.slideshare.net/trojanremoval2/hacktoolwin32-keygen-2
We have to be vigilant not to visit particular sites that install this downloader from a pre-defined server,
because that could lead to continuous reinfection whenever such a site is frequented.
polonus
Just sent the file to Avast.
We will see what they do about it.
polonus
5
Hi Steven Winderlich,
Good action, that is where all our detections belong ->
… in the hands of the avast detection system landing at the avast team desk to evaluate further.
polonus