Incrédimail
Hi,
We need more details about the non detection for this sample.
This program is detected by ###### as "Downloader.Win32.lmLoader.f" and by ###### as
"generic.downloader.x".
We have analysed this sample and we have found that this code is malicious
because:
the program displays a lot of popup (during installation, and remove of the
program)
during the removal, a lot of registry keys arent cleaned
we suspect that the email may be used to collect and use for spam.
Can you give more details why this sample isn't detected by your AV ?
Archive password : infected
Regards
/applications/core/interface/file/attachment.php?id=3762" data-fileid="3762" rel="">Souches.zip
0
