Samples missed by avast (VirusTotal links only!)

system · 2011-11-19T10:06:08.000Z

polonus · 2011-11-19T15:06:40.000Z

L.S.

For the first VT file results given in the row in the previous posting. This info could also be interesting for users to know. Ssome more info about the general threat since November 16th last from Cisco’s: http://tools.cisco.com/security/center/viewThreatOutbreakAlert.x?alertId=24212 link info provided by Cisco Threat Outbreak Alert by Cisco threat analysists, so a general mail threat!

polonus

system · 2011-11-20T12:43:51.000Z

http://www.virustotal.com/file-scan/report.html?id=dabe9b890b3af51c56d8990123b2bf6db0cf42c47e6aec7accd455894baf78de-1321792341

http://www.virustotal.com/file-scan/report.html?id=b611fb2dd28d05cdade1e2a7a60bc506503d857214efe4dffe42002585fa2f24-1321792565

polonus · 2011-11-21T21:33:51.000Z

Unknown google malware not detected here: http://www.virustotal.com/url-scan/report.html?id=7a8c4b07930ab724a8677f5806e7026a-1321906641
http://www.virustotal.com/file-scan/report.html?id=020a56d4541201f4daabe2c2b7c4e059ae6aac7838f073f1fe96e6073ed5d4f5-1321910484
Only Avira detects according to: http://vscan.urlvoid.com/analysis/358e5bf8168f49f29f3849a098da41f2/c2VsbG1lMi1leGU=/

reported to virus AT avast dot com

polonus

polonus · 2011-11-24T15:10:40.000Z

So-called Toggle-virus to mdl_zeus v2 trojan bot detected by avast:
See: http://www.virustotal.com/url-scan/report.html?id=cb0a29dd89c7b5922bf16e1d92d4fdc8-1322143020
and file scan: http://www.virustotal.com/file-scan/report.html?id=d1522235c1bde90caeb3fe2a01cf20447dc0801c48d55ce168262bfeb11f8a6b-1322146839
See: http://threatcenter.crdf.fr/?More&ID=53545&D=CRDF.Malware.Win32.PEx.9885989241

polonus

JuninhoSlo · 2011-11-25T23:13:56.000Z

Undetected malwares

1: http://www.virustotal.com/file-scan/report.html?id=5779c4e1f87bae0c9824cc0d7756eb18872f898b4b8a376450c21cc0af20853f-1322253312

2: http://www.virustotal.com/file-scan/report.html?id=fbebe07698a9131e21d3fe35135170ff66f276206ce8ea7a5f3dc8f03457e67b-1322258316

3: http://www.virustotal.com/file-scan/report.html?id=23ce319fe0bcfb2145c8235ea03c9a88e6f0f1c8a9012ca2566781a18e0df719-1317477939

4: http://www.virustotal.com/file-scan/report.html?id=957ee6fe70f078dde26cba2b7f3c459d46906b9b7e73abfb88c281d02ffa030f-1322262162

polonus · 2011-11-26T15:02:30.000Z

Not detected by avast TR/Dropper.Gen, see VT reports:
http://www.virustotal.com/url-scan/report.html?id=03eaaf10f32a125d14c7d671088811f2-1322315364
and
http://www.virustotal.com/file-scan/report.html?id=66c2910fdd8a276fa259ee5ebb8a7f6c8c80e9c850e431383835f05deaf997f4-1322319180

polonus

polonus · 2011-11-27T00:03:36.000Z

Hi folks,

See: http://www.virustotal.com/url-scan/report.html?id=0ae5f16b5624044f5994406e5e1d16ba-1322346824
and
http://sakrare.ikyon.se/log.php?id=19177
see Sucuri detection of mentioned malware:
web site: -http://www.modeplatsen.se
status: Site infected with malware
web trust: Not Blacklisted

Malware found in the URL:
-http://www.modeplatsen.se

Known javascript malware.
Details: http://sucuri.net/malware/malware-entry-mwjsanon7

polonus

system · 2011-12-05T20:31:06.000Z

Virus?

http://www.virustotal.com/file-scan/report.html?id=d5e1bbc7c2338ff9326cb4a698b65a447bd3d9827d2947c39db1d4b4ebba313c-1323115997

system · 2011-12-06T15:17:48.000Z

Adek022 post:509:

Virus?

http://www.virustotal.com/file-scan/report.html?id=d5e1bbc7c2338ff9326cb4a698b65a447bd3d9827d2947c39db1d4b4ebba313c-1323115997

Looks like a very old macro for WinWord 95)

polonus · 2011-12-06T15:29:31.000Z

Hi Dim@rik,

Well a year means ages in computer terms: 2011/01/15 13:57:20 (CET)
But 2008 means a golden oldie:
Detected Jun 15 2008 16:27 GMT
Released Jun 15 2008 21:14 GMT
McAfee Description Modified 2004-06-09

polonus

system · 2011-12-06T15:33:08.000Z

polonus post:511:

Hi Dim@rik,

Well a year means ages in computer terms: 2011/01/15 13:57:20 (CET)
But 2008 means a golden oldie:
Detected Jun 15 2008 16:27 GMT
Released Jun 15 2008 21:14 GMT
McAfee Description Modified 2004-06-09

polonus

Hi Polonus

Old macro

polonus · 2011-12-06T15:48:59.000Z

@Dim@rik

Stare przeboje.

pozdrawiam,

Damian

polonus · 2011-12-06T17:25:00.000Z

See: http://www.virustotal.com/url-scan/report.html?id=833ba4370a302059694636f14f1bd217-1323187934
and
http://www.virustotal.com/file-scan/report.html?id=2101461338093052af0a45936d9c1aa6c6fb4546849f192ab2a02a224a8c2bac-1323191725
High risk: http://siteinspector.comodo.com/public/reports/748001

polonus

system · 2011-12-07T12:28:59.000Z

Bookmarked

DavidR · 2011-12-07T12:34:05.000Z

Bookmark it, stickies are a pain in the rear; not long back you had to scroll down to get to the live content too many stickies.

Asyn · 2011-12-07T14:11:11.000Z

DavidR post:516:

Bookmark it, stickies are a pain in the rear; not long back you had to scroll down to get to the live content too many stickies.

+1

polonus · 2011-12-07T17:39:05.000Z

zeus v2 trojan detection
See: http://www.virustotal.com/url-scan/report.html?id=44fe92bbbdf8dba89791a2d93cb2aa21-1323275210
See: http://www.virustotal.com/file-scan/report.html?id=197073d0ff15cda527ab0eba11614885b533e6cf5d27a359719365e292fad7ed-1323278814
Blacklisted: http://siteinspector.comodo.com/public/reports/754142

reported to virus AT avast dot com

pol

system · 2011-12-07T19:09:43.000Z

Winlock aka Ransom

http://www.virustotal.com/file-scan/report.html?id=b8fd8574cddd5f42cee752b90d335d273ce841b8832226888e796534951145ac-1323284069

http://www.virustotal.com/file-scan/report.html?id=d072a8782c4bf5e7c9d2f8194a52a17775fb0a5171ff76b64f20312e93ed2866-1323284252

exploit pack - Exploit.Java.CVE-2011-3544 (Caught on the same site where the spread blockers)

http://www.virustotal.com/file-scan/report.html?id=e033996289f657e5c3549239049432e1e0c342810eb8a9cabd28dfe070eecdb8-1323284330

Sent to Avast.

Dim@rik

system · 2011-12-09T13:22:40.000Z

W32/Pinkslipbot.gen.as

http://www.virustotal.com/file-scan/report.html?id=9f7b01a804dc29d301c169cd292bf6c8cd88b15ca1e0ee35f47c1aee8f3c9b99-1323436044

Announcements