Found here: htxp://crw.inffinity-internet.com/crawled_soft/files/9/5/9500882b1135c57c802762dfb8b7cebf.exe
Scanned: http://www.virustotal.com/url-scan/report.html?id=d04433f971bfd8deefd0b9219a9a5c49-1302709159
found clean here: http://www.virustotal.com/file-scan/report.html?id=87f7450d7daaa10f7a243f19ad6bdb5cb4f3a4547dc9c0e6fa4380373cb13d5f-1302716712
But found to be suspicious here: http://wepawet.iseclab.org/view.php?hash=d04433f971bfd8deefd0b9219a9a5c49&t=1302716752&type=js
The latest tests indicate that this site contains malicious software or could defraud visitors.
Site that directly or indirectly facilitate the distribution of malicious software or source code
What is on this Spanish site?,
polonus
How can we rly know what kind of malware is this?We haven’t seen it in action,it may be PUP?who knows?
http://www.mywot.com/en/scorecard/crw.inffinity-internet.com
As it is a malware distributor, and wepawet flags it as suspicious it can be a zero day, most likely a trojan,
This type of malware there detected: htxp://crw.inffinity-internet.com/crawled_soft/files/9/5/95ccc4ec4c4c05910607d1f55ca3b188.exe
now as Win32:PSWtool-N (avast): and lEFT123, How did you know this was a PUP?
http://www.virustotal.com/file-scan/report.html?id=dcccfe9483700bd2ebcd0cb28d48b0aa3ac9548a4f9ce8ea67555f1aefe3f138-1302702331
22 /39 (56.4%)
This is the type of malware found: http://info.prevx.com/aboutprogramtext.asp?PX5=135503974EC62AA426560246E6D56D000ACF98B3
polonus
P.S. Does anyone know why virustotal now only has 39 engines scanning and had 41, earlier 42???
This malware is packed with Packed/NSPack, probably some Trojan-Spy, not detected yet, poses as Windows Messenger,
polonus
Not detected yet, could be FP or PUP,
pol