Multiple updates with same Malware

Discussion in 'ESET NOD32 Antivirus' started by aluminex, Jul 31, 2012.

Thread Status:
Not open for further replies.
  1. aluminex

    aluminex Registered Member

    Joined:
    Oct 13, 2009
    Posts:
    143
    I was curious as to why multiple updates contain the same definition for Win32/TrojanDownloader.Zortob.B?

    For instance, the signature for this piece of malware is included in update 7337, 7338, and 7339.

    Also, what is the number in parenethesis after the Malware name?

    http://go.eset.com/us/threat-center/threatsense-updates/page/2/



    Win32/TrojanDownloader.Zortob.B(47) 7339
    Win32/TrojanDownloader.Zortob.B(3) 7338
    Win32/TrojanDownloader.Zortob.B 7337

    What is the difference?
     
  2. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,956
    Location:
    Somethingshire
    Probably a slight variant of the same family malware that merits separate detection
     
  3. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    Often the malware remains same, just the packer changes to avoid detection.
     
Thread Status:
Not open for further replies.