Suspected Virus

One of the many dodgy emails I get had this file attached, and I submitted it to VirusTotal.com for a scan after BitDefender found nothing in it. VirusTotal said that 13 out of 31 scans showed it to be a trojan (they all gave different names for it). I certainly wasn't going to run the file and find out for myself, but I did run it in Sandboxie and it immediately closed itself again. I couldn't see any other files being created, however, and the registry entries didn't show anything that looked suspicious (to me, at least) so I decided to submit it here and let the pros handle it :)


File attached, with the usual password.

click_me__.rar

Comments

  • rootkit ✭✭✭

    Thank you for the sample!


    The guys from the LAB will take a look ;)