kevyip1

join:2003-03-25

1 edit
reply to antiphishing
Re: Information of your Transactions /Phishing+Malware attack

Anyone know what report_8977.exe does exactly? Is it a keylogger, trojan, etc.? My avast and adware can't find anything in it.

I heard about this type of email last year but couldn't find anywhere that says what the badware does.

MGD
Premium,MVM
join:2002-07-31
Fort Lauderdale, FL


1 edit
said by kevyip1:

Anyone know what report_8977.exe does exactly? Is it a keylogger, trojan, etc.? My avast and adware can't find anything in it.

I heard about this type of email last year but couldn't find anywhere that says what the badware does.
See: Virustotal's 06/17/09 analysis of the report-8977.exe file: »www.virustotal.com/analisis/8e6c···45259327

Threat Expert's analysis which includes:

quote:
...Threat characteristics of ZBot - a banking trojan that disables firewall, steals sensitive financial data (credit card numbers, online banking login details), makes screen snapshots, downloads additional components, and provides a hacker with the remote access to the compromised system.

and assigns the following categories:

• A keylogger program that can capture all user keystrokes (including confidential details such as username, password, credit card number, etc.)

• A malicious trojan horse or bot that may represent security risk for the compromised system and/or its network environment

• A malicious backdoor trojan that runs in the background and allows remote access to the compromised system

See: »www.threatexpert.com/report.aspx···7cf26e36

MGD

kevyip1

join:2003-03-25

Norton AV at Yahoo mail didn't find anything in report-8977.exe. Screenshot: »img87.imageshack.us/img87/8579/y···il01.jpg

As I said, avast also didn't find anything.

Is it really a malware or not?


avd706
insert annoying animated gif here
Premium
join:2003-02-06
Union, NJ

said by kevyip1:

Norton AV at Yahoo mail didn't find anything in report-8977.exe. Screenshot: »img87.imageshack.us/img87/8579/y···il01.jpg

As I said, avast also didn't find anything.

Is it really a malware or not?
How many Word-formatted attachments are also executable files?
--
Team JON.

kevyip1

join:2003-03-25

said by avd706:

said by kevyip1:

Norton AV at Yahoo mail didn't find anything in report-8977.exe. Screenshot: »img87.imageshack.us/img87/8579/y···il01.jpg

As I said, avast also didn't find anything.

Is it really a malware or not?
How many Word-formatted attachments are also executable files?
I know what Word files look like. That was not the question I asked. I asked why NAV at YM didn't detect anything.


avd706
insert annoying animated gif here
Premium
join:2003-02-06
Union, NJ


1 edit
said by kevyip1:

Is it really a malware or not?

...

I asked why NAV at YM didn't detect anything.
To answer your second question: because AV software sucks and is a waste of system resources.

--
Team JON.

kevyip1

join:2003-03-25

said by avd706:

said by kevyip1:

Is it really a malware or not?

...

I asked why NAV at YM didn't detect anything.
To answer your second question: because AV software sucks and is a waste of system resources.

But the virustotal report mentioned upthread says Symantec should detect it as Infostealer.Bancos.C.

MGD
Premium,MVM
join:2002-07-31
Fort Lauderdale, FL

reply to kevyip1
said by kevyip1:

Norton AV at Yahoo mail didn't find anything in report-8977.exe. Screenshot: »img87.imageshack.us/img87/8579/y···il01.jpg

As I said, avast also didn't find anything.

Is it really a malware or not?
According to the Virus Total report:




Avast was not one of the 6 AVs that detected it. While it did list Symantec detection version 1.4.4.12 as flagging it, I am not sure if that is the current definition that Yahoo is using.

Based on the distributed submits, many AVs will update definitions to include this detection.

From time to time there are discrepancies between VT's list of detections and the real world version results, in that AVs that are not listed as catching a virus in fact are.

MGD

kevyip1

join:2003-03-25

FWIW, my avast just got the 6/17 definition and it still didn't detect anything.

Could bogus viruses be sent out? If the intent was to waste our time figuring it out, sending us bogus viruses would be one way to do it.

I've received harmless .exe files before in which months later my virus scanners still couldn't detect anything.

MGD
Premium,MVM
join:2002-07-31
Fort Lauderdale, FL

It is possible that your copy of the virus was detected during email processing. Upload your copy of the file to Virus Total for analysis: »www.virustotal.com/ Request a fresh analysis if they show a previous submit. That way you can see if the total detections has increased from the original 6.

It will also confirm whether you have a live or neutered copy of the virus.

MGD
over 10 years online! © 1999-2009 dslreports.com.