New detection Troj/JavaBz-MH

This recently added detection is detecting some very old Java classes in the Java cache on user systems, some older than 5 years. I decompiled the detected Java class and stuck it on pastebin:

http://pastebin.com/uQ4nAWpJ

I'm no Java pro, but it seems fairly innocuous although "omfg.class" stands out a bit. It may not be an outright false positive, but perhaps it's an overly paranoid detection?

  • That's the first thing I did - the response was "yep, that's a real detection" - but what is curious is that not only is it detecting files that are 5+ years old, but the detection is based on a CVE that references a flaw in MS Java VM from 2003.

    Clearly the class file on its own is not much threat; is another more recent piece of malware using this old Java bug? Presumably this MS Java VM issue was patched long ago.
