PHP/BOT.A not detected by avast

polonus · July 10, 2011, 4:53pm

See Virustotal scan: http://www.virustotal.com/url-scan/report.html?id=ab3bc412144037602fa969507357defa-1310304084
Last updated file analysis scan:
http://www.virustotal.com/file-scan/report.html?id=a65cc094b2118dcfeb09c55b68ecf9a8936d3a9b56913593675c3fe90f7b0859-1310314022
Wepawet does not flag it: http://wepawet.iseclab.org/view.php?hash=ab3bc412144037602fa969507357defa&t=1310315852&type=js
Re-analyzed scan: http://www.virustotal.com/file-scan/report.html?id=a65cc094b2118dcfeb09c55b68ecf9a8936d3a9b56913593675c3fe90f7b0859-1310315984
Bugbopper info:
Platform: PHP: A PHP script virus that runs under PHP under any OS
and that infects other PHP files when run.
Family: A

polonus

info sent to virus AT avast dot com

polonus · July 10, 2011, 7:57pm

Given here as high risk page: http://siteinspector.comodo.com/public/reports/95618
unique URL used in RFI attacks
There are various script attack reports online with sample actions from 4dot249dot153dpt217,
First Offensive Action date 2011-06-19 00:00:00 UTC
Last Offensive Action date 2011-07-10 00:00:00 UTC

polonus

PHP/BOT.A not detected by avast

Announcements