This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

[6.303] Trojaner not detected

Hi,
tonight we received a lot of mails containing a zipped EXE (rechnung.exe).
This should be one of the following Trojaners:
Trojan.Downloader.Small-1663
HEUR/Trojan.Downloader
DLOADER.Trojan

But ASL did not detect it? Anyone the same problem?

Here ist the Mail Text:

Sehr geehrte Kundin, sehr geehrter Kunde 



Rechnung 





 Die Dateien wurden als Anhang eingefugt und konnen jetzt mit dieser Nachricht gesendet

 werden.



-----------------------------------------------------------------

 Ich verwende die kostenlose Version von SPAMfighter,

 die bis jetzt 227 Spammails entfernt hat.

 Fur private Anwender ist SPAMfighter vollig kostenlos!

 Jetzt gratis testen: hier klicken.

cu SveN

This thread was automatically locked due to age.

Parents

0 Alvin over 19 years ago

Astaro uses Kaspersky and ClamAV.

Submit the sample to http://www.virustotal.com so that all vendors would have a copy and soon Astaro would be able to detect it.

It would be good to post the results of VirusTotal Here.

Hope this is helpful.
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 Alvin over 19 years ago

Astaro uses Kaspersky and ClamAV.

Submit the sample to http://www.virustotal.com so that all vendors would have a copy and soon Astaro would be able to detect it.

It would be good to post the results of VirusTotal Here.

Hope this is helpful.
Cancel
Vote Up 0 Vote Down

Cancel

Children

0 SveN_01 over 19 years ago in reply to Alvin

Astaro uses Kaspersky and ClamAV.

Really? Read this http://www.astaro.org/showthread.php?t=16028

Submit the sample to http://www.virustotal.com so that all vendors would have a copy and soon Astaro would be able to detect it.

It would be good to post the results of VirusTotal Here.

Hope this is helpful.

Here you go...

Complete scanning result of "rechnung.zip", received in VirusTotal at 09.28.2006, 08:45:54 (CET).



Antivirus	Version	Update	Result

AntiVir	7.2.0.18	09.28.2006	TR/Click.AU

Authentium	4.93.8	09.28.2006	W32/Downloader.AGYE

Avast	4.7.892.0	09.27.2006	no virus found

AVG	386	09.27.2006	no virus found

BitDefender	7.2	09.28.2006	Trojan.Clicker.AU

CAT-QuickHeal	8.00	09.27.2006	(Suspicious) - DNAScan

ClamAV	devel-20060426	09.27.2006	Trojan.Clicker-7

DrWeb	4.33	09.27.2006	Trojan.DownLoader.13048

eTrust-InoculateIT	23.73.7	09.28.2006	no virus found

eTrust-Vet	30.3.3103	09.27.2006	no virus found

Ewido	4.0	09.27.2006	no virus found

Fortinet	2.82.0.0	09.28.2006	W32/Dloadr.ANX!tr.dldr

F-Prot	3.16f	09.28.2006	security risk named W32/Downloader.AGYE

F-Prot4	4.2.1.29	09.28.2006	W32/Downloader.AGYE

Ikarus	0.2.65.0	09.28.2006	Trojan-Downloader.Win32.Agent.ZF

Kaspersky	4.0.2.24	09.28.2006	Trojan-Downloader.Win32.Nurech.c

McAfee	4861	09.27.2006	Downloader-AAP

Microsoft	1.1603	09.28.2006	no virus found

NOD32v2	1.1780	09.27.2006	Win32/TrojanDownloader.Agent.NHA

Norman	5.90.23	09.27.2006	Suspicious_F.gen

Panda	9.0.0.4	09.27.2006	Trj/Abwiz.AR

Sophos	4.10.0	09.28.2006	Troj/Dloadr-ANX

Symantec	8.0	09.28.2006	Downloader

TheHacker	6.0.1.085	09.28.2006	Trojan/Downloader.Nurech.c

UNA	1.83	09.27.2006	no virus found

VBA32	3.11.1	09.27.2006	Trojan.DownLoader.13048

VirusBuster	4.3.7:9	09.27.2006	Trojan.DL.Agent.EPG



Aditional Information

File size: 9566 bytes

MD5: ac3ef3f43ea4be490aaf1851b78474bf

SHA1: 5d3a9632e299d28da2b3781f32afeec89bdbecbe

Thanks for your help. Hope the vrus scanner will detect it soon....

cu SveN