Interesting piece of malware

Discussion in 'malware problems & news' started by Toby75, Jul 31, 2009.

Thread Status:
Not open for further replies.
  1. Toby75

    Toby75 Registered Member

    Joined:
    Mar 10, 2006
    Posts:
    480
    Hello Wilders Finest,

    I just came across a sample that is at least 3 months old and is detected by 1/41 on VT. (Sophos detected it)

    Surprisingly I scanned it with SAS Free and it detected it too! MBAM did not detect.

    PM me if you would like to play.
     
  2. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    What is interesting in it? What actions it is supposed to do?
     
  3. BrendanK.

    BrendanK. Registered Member

    Joined:
    Jun 23, 2008
    Posts:
    520
    Location:
    Australia
    Please PM me the sample. :cool:
     
  4. Retadpuss

    Retadpuss Suspended Member

    Joined:
    Apr 4, 2009
    Posts:
    226
  5. Toby75

    Toby75 Registered Member

    Joined:
    Mar 10, 2006
    Posts:
    480
    It's rare that a piece of malware that has been out at least 3 months will go undetected by this many AV's. I'm not sure what it does. Sophos detects it as Mal/WaledPak-D
     
  6. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,855
    I doubt it's anything serious, feel free to send me it.
     
  7. BrendanK.

    BrendanK. Registered Member

    Joined:
    Jun 23, 2008
    Posts:
    520
    Location:
    Australia
    I just submitted it to 30+ vendors so we will find out :D
     
  8. dawgg

    dawgg Registered Member

    Joined:
    Jun 18, 2006
    Posts:
    817
    Maybe its simply not "wild" enough, or corrupt, or not malicious? - not "interesting" IMO.
     
  9. Toby75

    Toby75 Registered Member

    Joined:
    Mar 10, 2006
    Posts:
    480
    Then this thread will be intended for people who find it "interesting" then.
     
  10. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,779
    Location:
    Texas
    Just a reminder. This isn't a malware trading forum. I recommend reading the Terms Of Service.

    Any further posts of this type will be removed without notice.
     
Loading...
Thread Status:
Not open for further replies.