Spam not detected

GloboPlay for only 4.99 monthly. First week free!

Only here you marathon the best series, spy the BBB and do not lose your novel.for only $ 4.99 / month.

WELCOME 7 DAYS FREE

Promotional price valid for 12 months. After, $ 24.90 / month. You can cancel online anytime.

https://www.virustotal.com/gui/url/3c172e4d513a7aaaae7b72daa6ec19613453b04076f6bd88a5f23d566baa79a8/detection

What spam where ?

If you are talking about Avast for windows - As far as I’m aware the Mail Shield doesn’t detect spam.

Whilst the Avast plug-in/add-on for MS Outlook can look for Spam and the user can mark it as spam. I don’t use MS Outlook so I can’t speak from personal experience.

The VT results aren’t conclusive 2 detections but one is a bit iffy anyway. Plus the VT results are looking at a site, not an email.

Hi DavidR.

The message comes from an webmail, I do not have MS Outlook.The above text tells and site something that i myself maybe could not classify as phishing or Scam.Website content is legitimate, but the one that was injected a window of a Java update and I do not see this shown after 12.02.2019.

Diagnosing solutions and problems
We detected that you are using an old version 42 released in April 2017, Oracle has disabled the default way browsers support plugins.
Start the update

What we have this file jre-8u205-bin-win-x86.cmd when accessing the option update.

https://www.virustotal.com/gui/file/ef4ff0820cc58db3e75cb77dd1213e9b192d352ea69a9b39a56bbeb2edcd59b7/detection

avast did not detect when scanning and run there was no detection by the of the Shields in a VM.

it’s attached

This is certainly strange, it may be that avast doesn’t like the redirect. Or something to do with JAVA, I have long since abandoned JAVA as it is such a huge target for malware attack.

Do you actually have JAVA installed and more importantly do you actually use it ?

Websites have pretty much stopped using it, but some programs are JAVA based or require it. I don’t know if it is a legitimate call to update the JAVA Runtime Environment (JRE), or if this is what avast is concerned with.

the test was on a machine that had Java recent installed , but the plugin was disabled in the browser, message was a distraction to try,intention of the coup that nothing connects one thing with another,but of course it was not an application legitim and after the execution of the file cmd ,malware created, the file name placed according to the user’s account name in PC.

User.vbs

https://www.virustotal.com/gui/file/6edc86be47a1631cf7a77756173fe49803e37062bb0a2d31440b786726dc6b44/detection

Hi jefferson sant,

Have a hunch it is Mirai bot related, awful lot of that going on lately.

pol

@ jefferson sant
It could still be trying to get out even with the browser plugin disabled, given that at first it was reporting it was out of date.

The of the VT, most generic/heuristic and many have the same malware name (more of an indication they are using the same virus database), lowering the effective number of detections. Yet Avast isn’t detecting it but is possibly blocking attempts to connect to a site that avast considers suspect.

I would certainly suggest uninstalling JAVA and not just disabling the browser add-on.

I have no idea if this is Mirai bot related or not or if it uses JAVA to reach out.

Hi polonus

The file vbs,there is an address of an image likely to a news or rumor.

“bbb19 globo pronounced after opening of inquiry on racism”

@DavidR

Thanks for the suggestion.

You’re welcome.

The general recommendation is, if you don’t have a specific reason to have JAVA installed I would certainly uninstall it (essential requirement in a program or a site that requires JAVA (I would be looking for a replacement program or site).

The samples dont run just crash so no chance for behavior shield to come into play.Submitted to virus lab. :slight_smile:

Hello TrueIndian.

The samples not crashed and run,same what there no detection,for lack of mode unauthorized on behavior shield would prevent the changes from being made and capture information such as the machine name or other actions malicious.

Hey there ! Have you re-submitted the sample? Is it detected now??

Analysis they were submitted in the vírus chest in 13.02.2019.
I sent on the 27.02.2019 and later 03.03.2019 through in the contact form https://www.avast.com/en-us/report-malicious-file.php

No detection yet.