Interesting piece of malware

Discussion in 'malware problems & news' started by Toby75, Jul 31, 2009.

Thread Status:
Not open for further replies.
  1. Toby75

    Toby75 Registered Member

    Joined:
    Mar 10, 2006
    Posts:
    480
    Hello Wilders Finest,

    I just came across a sample that is at least 3 months old and is detected by 1/41 on VT. (Sophos detected it)

    Surprisingly I scanned it with SAS Free and it detected it too! MBAM did not detect.

    PM me if you would like to play.
     
  2. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,109
    Location:
    Saudi Arabia/ Pakistan
    What is interesting in it? What actions it is supposed to do?
     
  3. BrendanK.

    BrendanK. Registered Member

    Joined:
    Jun 23, 2008
    Posts:
    520
    Location:
    Australia
    Please PM me the sample. :cool:
     
  4. Retadpuss

    Retadpuss Suspended Member

    Joined:
    Apr 4, 2009
    Posts:
    226
  5. Toby75

    Toby75 Registered Member

    Joined:
    Mar 10, 2006
    Posts:
    480
    It's rare that a piece of malware that has been out at least 3 months will go undetected by this many AV's. I'm not sure what it does. Sophos detects it as Mal/WaledPak-D
     
  6. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    7,001
    I doubt it's anything serious, feel free to send me it.
     
  7. BrendanK.

    BrendanK. Registered Member

    Joined:
    Jun 23, 2008
    Posts:
    520
    Location:
    Australia
    I just submitted it to 30+ vendors so we will find out :D
     
  8. dawgg

    dawgg Registered Member

    Joined:
    Jun 18, 2006
    Posts:
    818
    Maybe its simply not "wild" enough, or corrupt, or not malicious? - not "interesting" IMO.
     
  9. Toby75

    Toby75 Registered Member

    Joined:
    Mar 10, 2006
    Posts:
    480
    Then this thread will be intended for people who find it "interesting" then.
     
  10. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    64,313
    Location:
    Texas
    Just a reminder. This isn't a malware trading forum. I recommend reading the Terms Of Service.

    Any further posts of this type will be removed without notice.
     
Loading...
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.