Kindly be advised we cannot cancel subscriptions or issue refunds on the forum.
You may cancel your Bitdefender subscription from Bitdefender Central or by contacting Customer Support at: https://www.bitdefender.com/consumer/support/help/

Thank you for your understanding.

2 Undetected Samples[solved]

Options
AcceleratorX
AcceleratorX
edited June 2008 in Sample submission

Hello,


Recently I found 2 undetected samples which I have attached with this message. Password for the archive is "infected" (without the quotes). The 2 files are actually the downloader and the downloaded file, I just included both of them to make things slightly simpler. Please analyze them and inform me of whether they are infected. It is currently detected by AVG, Kaspersky and AntiVir.


They seem to originate out of a Russian site apparently.

/applications/core/interface/file/attachment.php?id=56" data-fileid="56" rel="">undetected.zip

Comments

  • vlad
    vlad
    Options

    Thank you; detection has been added.

  • AcceleratorX
    AcceleratorX
    edited May 2007
    Options

    Are you sure? BitDefender at Jotti's is not picking up any of the two files.

  • alexcrist
    alexcrist
    Options

    Hi AcceleratorX,


    The detection will be added after the next signature update. Depending on how often Jotti updates it's antiviruses, detection will be added sooner or later. (Usually, these sites update their viruses once every day).


    Cris.

  • AcceleratorX
    AcceleratorX
    Options

    @Cris: Okay, I'll check it tomorrow again. But I think Jotti's is updated hourly.


    For BD staff, there is another sample I want you to analyse if possible. This one is only suspect, I do not know if it is really malware. Password is the same as before ("infected" without the quotes)

    /applications/core/interface/file/attachment.php?id=63" data-fileid="63" rel="">bdsubmit.zip

  • vlad
    vlad
    Options

    From the time I add the signatures until they are available on the site it takes from 15 min. to a few hours (depending mostly on how urgent they are). Then, it takes Jotti/VirusTotal/virus.org another couple of hours to update their signatures from our site. So for a non-urgent signature, there may be up to 6 hours or even more until you see it on malware scanning sites.


    The last sample is also malware; it has been signed. Thanks!

  • AcceleratorX
    AcceleratorX
    Options

    Hello :)


    Today I received 2 more samples. Both are detected by AVG and Kaspersky, but I'm not sure if other AVs detect it as well. BitDefender seems to not be detecting anything in these 2 files though. From initial look it appears like it is some spyware/rootkit component. Please analyse it and add signatures as necessary. Password for the archive is the same - "infected" (without the quotes). :)

    /applications/core/interface/file/attachment.php?id=74" data-fileid="74" rel="">bdsubmit2.zip

  • Cd-MaN
    Cd-MaN
    Options

    The respective files should be detected as of the next update.

All Time Leaders

Categories

Defenders of the month