New Trojan (NewHeur_PE)

Dear All,

Today i got information from my workmate that avast! v.5.0 not detect this new variant yet, we are not sure whether this is caused by FP or avast! not release a new engine to detect this attacks?

Please visit reference link for the result :

http://www.virustotal.com/analisis/06730295a750f38a36dc4357efe7c6c5d6780933f5625293779eccc705d39ec5-1280981740

http://virusscan.jotti.org/en/scanresult/3412110477191cf28de82287c7a25ebfaf24c019/98e0ff11b258c538234795d12d39dbc2a44ec7aa

We already submitted the virus/malware source to virus@avast.com and just waiting for confirmation.

cheers,

Thanks for the info. Yanto.Chiang. Keep us updated.

Hi SafeSurf,

You are most welcome

You may want to also try these sites as well:

http://www.urlvoid.com/
http://www.unmaskparasites.com/security-report/?page=servepics.com
http://www.uploadmalware.com/

Well given the malware name NewHeur (New Heuristic) PE (Packed Executable) that would seem to be a heuristic detection and many of the other detections on VT are generic, so there is a lot of unknowns about how it was actually detected. So not just a simple signature detection, though there are some in the VT results, but they differ widely. Some are detecting it on what seems to be the packing alone.

It wouldn’t be a new engine to detect this, but an update to an existing heuristic or generic signature assuming it is a good detection.

Dear David,

avast! has been up to date and caught this .exe file as Win 32:Trojan-Gen.

This is prompt action from avast software team.

cheers,

Good to know Avast is doing it’s job! :slight_smile: :slight_smile: :slight_smile: Thanks for the update.