IObit Forum

Undetected malware


Wild4fire


Posted

As the subforum for new threats apparently isn't accessible, I'll post a new threat here.

 

I already knew it would be malware, as it came within a ZIP-archive attached to some bogus spam e-mail :)

 

VirusTotal and Virusscan.jotti.org both confirm my suspicions. Weirdly enough, my virus scanner Avast v6 didn't recognize it. Neither did SUPERAntispyware Professional, and neither did IObit Security 360.

 

(IObit Security 360; OS:Windows 7; Version:1.6.0.2; Define Version:2426)

 

Results from virusscan.jotti.org -- http://virusscan.jotti.org/en/scanresult/5f3bf4947ea58924033bac41ace2f63eb926c0a7

 

Results from virustotal.com -- http://www.virustotal.com/file-scan/report.html?id=eeb15040b83a30141c08bce87397c3b980e219280abf23074293cde1b3a7a483-1302172023

 

(ZIP is password protected with the password infected)

 

EDIT:

Thanks Wild4fire, I have copied your post to the Submit New Thread section for IObit to investigate it, and deleted the attached file here for security reasons.

Posted

No, I have not uploaded it to the IObit Cloud so I've just done so. As the service is currently overloaded it will probably take a while, but when it's done I'll edit this post to add the results from the Cloud scan.

 

By the way, the spam e-mail message I received contained this message:

 

Dear customer

 

The parcel was sent your home adress

And it will arrive within 10 business days

 

More information and the tracking number

are attached in document below.

 

Thank You

 

Delivery Express 1995-2011

 

The infected detail.exe was attached to this message within an archive named detail.zip

 

 

-- Update: I just received another spam e-mail with this infection. It seems Windows Defender now recognizes it, as it intercepted it as I opened the ZIP-file. Windows Defender recognizes it as win32/chepvil.j. Strange, however, that yesterday it didn't detect anything, while it hasn't been updated in the meantime. Perhaps because yesterday I first saved the attachment and then opened it, and now I opened it from within Thunderbird itself?

 

Oh, by the way: no, I didn't execute the file, I only opened the ZIP to see if it was the same file. So no infection got into my PC :)

 

-- Update #2: the IObit Cloud is currently useless, as my file has been waiting in its queue for over one and a half hours now. And apparently, Avast has updated in the meantime and now does recognize this malware. I'm gonna leave it at this.

Archived

This topic is now archived and is closed to further replies.
