Sponsored by..

Thursday 29 March 2007

"Internet Explorer 7 Downloads" - IE7.0.exe


Another bit of malware this time masquerading as a terse email message to encourage the downloading of a fake version of IE7. It's a simple graphic pointing to an executable called IE7.0.exe - it looks like the graphic and executable are hosted on compromised Apache servers.

VirusTotal indicates that detection is a bit thin at the moment.



AntivirusVersionUpdateResult
AhnLab-V32007.3.30.003.29.2007no virus found
AntiVir7.3.1.4603.29.2007TR/Proxy.Agent.CL
Authentium4.93.803.29.2007no virus found
Avast4.7.936.003.29.2007no virus found
AVG7.5.0.44703.29.2007no virus found
BitDefender7.203.29.2007no virus found
CAT-QuickHeal9.0003.29.2007(Suspicious) - DNAScan
ClamAVdevel-2007031203.29.2007no virus found
DrWeb4.3303.29.2007no virus found
eSafe7.0.15.003.29.2007no virus found
eTrust-Vet30.6.352203.29.2007no virus found
Ewido4.003.29.2007no virus found
FileAdvisor103.29.2007no virus found
Fortinet2.85.0.003.29.2007suspicious
F-Prot4.3.1.4503.28.2007no virus found
F-Secure6.70.13030.003.29.2007Virus.Win32.Grum.a
IkarusT3.1.1.303.29.2007no virus found
Kaspersky4.0.2.2403.29.2007Virus.Win32.Grum.a
McAfee499503.29.2007no virus found
Microsoft1.230603.29.2007no virus found
NOD32v2215403.29.2007no virus found
Norman5.80.0203.29.2007no virus found
Panda9.0.0.403.29.2007Suspicious file
Prevx1V203.29.2007Covert.Sys.Exec
Sophos4.16.003.29.2007no virus found
Sunbelt2.2.907.003.29.2007VIPRE.Suspicious
Symantec1003.29.2007Trojan Horse
TheHacker6.1.6.08003.23.2007no virus found
UNA1.8303.16.2007no virus found
VBA323.11.303.29.2007suspected of Trojan-PSW.Pinch.1 (paranoid heuristics)
VirusBuster4.3.7:903.29.2007no virus found
Webwasher-Gateway6.0.103.29.2007Trojan.Proxy.Agent.CL

No comments: