Interesting piece of malware

Discussion in 'malware problems & news' started by Toby75, Jul 31, 2009.

Thread Status:
Not open for further replies.
  1. Toby75

    Toby75 Registered Member

    Joined:
    Mar 10, 2006
    Posts:
    480
    Hello Wilders Finest,

    I just came across a sample that is at least 3 months old and is detected by 1/41 on VT. (Sophos detected it)

    Surprisingly I scanned it with SAS Free and it detected it too! MBAM did not detect.

    PM me if you would like to play.
     
  2. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,164
    Location:
    UK / Pakistan
    What is interesting in it? What actions is it supposed to do?
     
  3. BrendanK.

    BrendanK. Guest

    Please PM me the sample. :cool:
     
  4. Retadpuss

    Retadpuss Suspended Member

    Joined:
    Apr 4, 2009
    Posts:
    226
  5. Toby75

    Toby75 Registered Member

    Joined:
    Mar 10, 2006
    Posts:
    480
    It's rare that a piece of malware that has been out at least 3 months will go undetected by this many AVs. I'm not sure what it does. Sophos detects it as Mal/WaledPak-D.
     
  6. elapsed

    elapsed Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    7,076
    I doubt it's anything serious, feel free to send me it.
     
  7. BrendanK.

    BrendanK. Guest

    I just submitted it to 30+ vendors so we will find out :D
     
  8. dawgg

    dawgg Registered Member

    Joined:
    Jun 18, 2006
    Posts:
    818
    Maybe it's simply not "wild" enough, or corrupt, or not malicious? - not "interesting" IMO.
     
  9. Toby75

    Toby75 Registered Member

    Joined:
    Mar 10, 2006
    Posts:
    480
    Then this thread will be intended for people who find it "interesting" then.
     
  10. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    163,911
    Location:
    Texas
    Just a reminder. This isn't a malware trading forum. I recommend reading the Terms Of Service.

    Any further posts of this type will be removed without notice.
     