Another bit of malware this time masquerading as a terse email message to encourage the downloading of a fake version of IE7. It's a simple graphic pointing to an executable called IE7.0.exe - it looks like the graphic and executable are hosted on compromised Apache servers.
VirusTotal indicates that detection is a bit thin at the moment.
Antivirus | Version | Update | Result |
AhnLab-V3 | 2007.3.30.0 | 03.29.2007 | no virus found |
AntiVir | 7.3.1.46 | 03.29.2007 | TR/Proxy.Agent.CL |
Authentium | 4.93.8 | 03.29.2007 | no virus found |
Avast | 4.7.936.0 | 03.29.2007 | no virus found |
AVG | 7.5.0.447 | 03.29.2007 | no virus found |
BitDefender | 7.2 | 03.29.2007 | no virus found |
CAT-QuickHeal | 9.00 | 03.29.2007 | (Suspicious) - DNAScan |
ClamAV | devel-20070312 | 03.29.2007 | no virus found |
DrWeb | 4.33 | 03.29.2007 | no virus found |
eSafe | 7.0.15.0 | 03.29.2007 | no virus found |
eTrust-Vet | 30.6.3522 | 03.29.2007 | no virus found |
Ewido | 4.0 | 03.29.2007 | no virus found |
FileAdvisor | 1 | 03.29.2007 | no virus found |
Fortinet | 2.85.0.0 | 03.29.2007 | suspicious |
F-Prot | 4.3.1.45 | 03.28.2007 | no virus found |
F-Secure | 6.70.13030.0 | 03.29.2007 | Virus.Win32.Grum.a |
Ikarus | T3.1.1.3 | 03.29.2007 | no virus found |
Kaspersky | 4.0.2.24 | 03.29.2007 | Virus.Win32.Grum.a |
McAfee | 4995 | 03.29.2007 | no virus found |
Microsoft | 1.2306 | 03.29.2007 | no virus found |
NOD32v2 | 2154 | 03.29.2007 | no virus found |
Norman | 5.80.02 | 03.29.2007 | no virus found |
Panda | 9.0.0.4 | 03.29.2007 | Suspicious file |
Prevx1 | V2 | 03.29.2007 | Covert.Sys.Exec |
Sophos | 4.16.0 | 03.29.2007 | no virus found |
Sunbelt | 2.2.907.0 | 03.29.2007 | VIPRE.Suspicious |
Symantec | 10 | 03.29.2007 | Trojan Horse |
TheHacker | 6.1.6.080 | 03.23.2007 | no virus found |
UNA | 1.83 | 03.16.2007 | no virus found |
VBA32 | 3.11.3 | 03.29.2007 | suspected of Trojan-PSW.Pinch.1 (paranoid heuristics) |
VirusBuster | 4.3.7:9 | 03.29.2007 | no virus found |
Webwasher-Gateway | 6.0.1 | 03.29.2007 | Trojan.Proxy.Agent.CL |
No comments:
Post a Comment