http://pan.baidu.com/s/1eglbi
The password is: 86i1
I am from China.
It's a Flystudio type hacktool thingy. Many AVs don't classify some variants of it as malware, so can't say really. Better to stay away from it. Sent it to avast anyway.
Who can tell me if this is a NEW virus?
Upload the file to www.virustotal.com and test with 40+ malware scanners, then post the link to the scan result here.
Alternative: www.metascan-online.com / www.jotti.org
On the download link: This is given as suspicious from that link:
(script) pan.baidu.com/res/static/js/plug/html5.js
status: (referer=pan.baidu.com/s/1eglbi) saved 1371 bytes 99c22abccd18a8c6f9e96236dbb502ca85107b46
info: [decodingLevel=0] found JavaScript
suspicious: when html5 comes into rise, we see new security issues: http://www.sophos.com/en-us/security-news-trends/security-trends/html5-and-security.aspx
On the actual download:
The object classid$=":D27CDB6E-AE6D-11cf-96B8-444553540000" works fine in Firefox, not in IE.
This seems OK: http://www.systemlookup.com/O16/919-Macromedia.html
polonus
First submission 2013-10-06 12:06:12 UTC ( 1 day, 1 hour ago )
Sample sent to avast lab in mail.
Thank you, Pondus, for doing so. We could also consider these results as I got them through the example MD5 hash. Here it is from VirScan dot org for that particular exe file: http://r.virscan.org/bd62ee38a3624bd070fbd59f27aa8756
As you see from there it is a Graftor type backdoor, there is also the possibility it is a false positive or a Morto worm type variant, because this is a generic detection. And we know how it is with gen detections!
polonus