mcfivpe
Level 7

Malware Artemis!BB6CEC789A39

Hello

The file is malware

Os Melhores CDs ( Ao vivo) - Gospel - Crianças Diante do Trono.rar

It is downloadable from hxxp://search.4shared.com/postDownload/3bs78JP5ce/Os_Melhores_CDs___Ao_vivo__-_G.html (file link broken by Moderator as possibly dangerous)

Analysis

https://www.virustotal.com/bg/file/db174be757ed20ef161ec8eda345b2dd713bf90abe11ef4404d077384cec43df/...

Antivirus             Result                                       Update
Ad-Aware              DeepScan:Generic.Banker.OT.CE8330D3          20140323
AntiVir               TR/Spy.Banker.Gen                            20140323
BitDefender           DeepScan:Generic.Banker.OT.CE8330D3          20140323
Commtouch             W32/D_Bancos!Generic                         20140323
ESET-NOD32            probably a variant of Win32/Spy.Banker.AAPM  20140323
Emsisoft              DeepScan:Generic.Banker.OT.CE8330D3 (B)      20140323
F-Prot                W32/D_Bancos!Generic                         20140323
F-Secure              DeepScan:Generic.Banker.OT.CE8330D3          20140323
GData                 DeepScan:Generic.Banker.OT.CE8330D3          20140323
K7AntiVirus           Trojan ( 00361abb1 )                         20140321
K7GW                  Trojan ( 00361abb1 )                         20140321
Malwarebytes          Spyware.InfoStealer                          20140323
MicroWorld-eScan      DeepScan:Generic.Banker.OT.CE8330D3          20140323
Norman                Suspicious.C6!genr                           20140323
Sophos                Mal/Banker-U                                 20140323


Message was edited by: Ex_Brit on 23/03/14 6:46:46 EDT PM

Message was edited by: Ex_Brit on 23/03/14 7:43:38 EDT PM
0 Kudos
3 Replies
exbrit
Level 21

Re: Malware Artemis!BB6CEC789A39

Full Analysis from VirusTotal:

Antivirus             Result                                       Update
Ad-Aware              DeepScan:Generic.Banker.OT.CE8330D3          20140323
AntiVir               TR/Spy.Banker.Gen                            20140323
BitDefender           DeepScan:Generic.Banker.OT.CE8330D3          20140323
Commtouch             W32/D_Bancos!Generic                         20140323
ESET-NOD32            probably a variant of Win32/Spy.Banker.AAPM  20140323
Emsisoft              DeepScan:Generic.Banker.OT.CE8330D3 (B)      20140323
F-Prot                W32/D_Bancos!Generic                         20140323
F-Secure              DeepScan:Generic.Banker.OT.CE8330D3          20140323
GData                 DeepScan:Generic.Banker.OT.CE8330D3          20140323
K7AntiVirus           Trojan ( 00361abb1 )                         20140321
K7GW                  Trojan ( 00361abb1 )                         20140321
Malwarebytes          Spyware.InfoStealer                          20140323
MicroWorld-eScan      DeepScan:Generic.Banker.OT.CE8330D3          20140323
Norman                Suspicious.C6!genr                           20140323
Sophos                Mal/Banker-U                                 20140323
AVG                   -                                            20140323
AegisLab              -                                            20140323
Agnitum               -                                            20140323
AhnLab-V3             -                                            20140323
Antiy-AVL             -                                            20140320
Avast                 -                                            20140323
Baidu-International   -                                            20140323
Bkav                  -                                            20140322
ByteHero              -                                            20140323
CAT-QuickHeal         -                                            20140323
CMC                   -                                            20140319
ClamAV                -                                            20140323
Comodo                -                                            20140323
DrWeb                 -                                            20140323
Fortinet              -                                            20140323
Ikarus                -                                            20140323
Jiangmin              -                                            20140323
Kaspersky             -                                            20140323
Kingsoft              -                                            20140323
McAfee                -                                            20140323
McAfee-GW-Edition     -                                            20140323
Microsoft             -                                            20140323
NANO-Antivirus        -                                            20140323
Panda                 -                                            20140323
Qihoo-360             -                                            20140323
Rising                -                                            20140322
SUPERAntiSpyware      -                                            20140323
Symantec              -                                            20140323
TheHacker             -                                            20140321
TotalDefense          -                                            20140323
TrendMicro            -                                            20140323
TrendMicro-HouseCall  -                                            20140323
VBA32                 -                                            20140321
VIPRE                 -                                            20140323
ViRobot               -                                            20140323
nProtect              -                                            20140323

So McAfee antivirus doesn't find a problem with it, are you asking if it should? What does find a problem with it is SiteAdvisor (browser add-on) and that is probably due to the nature of the download, file-sharing sites are usually marked as dangerous.

If you feel it is incorrect you can contact SiteAdvisor here: https://community.mcafee.com/message/66185#66185


Message was edited by: Ex_Brit on 23/03/14 7:02:44 EDT PM

Message was edited by: Ex_Brit on 23/03/14 7:44:05 EDT PM
0 Kudos
mcfivpe
Level 7

Re: Malware Artemis!BB6CEC789A39

Hello

McAfee have already found the file is a malware.

McAfee-Gateway   5008 ms   2014-03-23   Artemis!BB6CEC789A39

https://www.metascan-online.com/en/scanresult/file/23bc23a59b2a46688c24cea705773972

Engine               Time      Date        Result
AegisLab             2246 ms   2014-03-21  No threat detected
Agnitum              3573 ms   2014-03-22  No threat detected
Ahnlab               3027 ms   1899-12-30  No threat detected
Antiy                3853 ms   2014-02-12  No threat detected
AVG                  4103 ms   2014-03-22  No threat detected
Avira                2402 ms   2014-03-23  TR/Spy.Banker.Gen (Infected)
BitDefender          4587 ms   2014-03-23  DeepScan:Generic.Banker.OT.CE8330D3 (Infected)
ByteHero             2293 ms   2014-03-23  No threat detected
ClamWin              1638 ms   2014-03-23  No threat detected
Commtouch            2340 ms   2014-03-23  W32/D_Bancos!Generic (Infected)
Emsisoft             2636 ms   2014-03-23  DeepScan:Generic.Banker.OT.CE8330D3 (Infected)
ESET                 10234 ms  2014-03-23  probably a variant of Win32/Spy.Banker.A... (Infected)
F-prot               2434 ms   2014-03-23  W32/D_Bancos!Generic (Infected)
F-secure             4696 ms   2014-03-23  DeepScan:Generic.Banker.OT.CE8330D3 (Infected)
Filseclab            2200 ms   2014-03-23  TrojanDrop.VB.ahht.pzyq.mg (Infected)
Fortinet             5897 ms   2014-03-16  No threat detected
Hauri                1466 ms   2014-03-23  No threat detected
Ikarus               3682 ms   2014-03-23  No threat detected
Jiangmin             4025 ms   2014-03-23  No threat detected
K7                   1451 ms   2014-03-22  Trojan ( 00361abb1 ) (Infected)
Kaspersky            4977 ms   2014-03-23  No threat detected
Kingsoft             14743 ms  2014-03-23  No threat detected
Lavasoft             4540 ms   2014-03-23  DeepScan:Generic.Banker.OT.CE8330D3 (Infected)
McAfee-Gateway       5008 ms   2014-03-23  Artemis!BB6CEC789A39 (Infected)
Microsoft            5725 ms   2014-03-23  No threat detected
NANO                 2558 ms   2014-03-23  No threat detected
Norman               3229 ms   2014-03-23  Suspicious.C6!genr (Infected)
nProtect             1950 ms   2014-03-15  No threat detected
QuickHeal            2714 ms   2014-03-23  No threat detected
Sophos               3261 ms   2014-03-16  Mal/Banker-U (Infected)
SUPERAntiSpyware     1934 ms   2014-03-23  No threat detected
Symantec             3292 ms   2014-03-22  No threat detected
ThreatTrack          23276 ms  2014-03-23  No threat detected
TotalDefense         3541 ms   2014-03-22  No threat detected
TrendMicro           4571 ms   2014-03-15  No threat detected
TrendMicroHouseCall  4399 ms   2014-03-14  No threat detected
VirIT                3994 ms   2014-03-21  No threat detected
VirusBlokAda         6115 ms   2014-03-21  No threat detected
Zillya!              1903 ms   2014-03-23  No threat detected
Zoner                4649 ms   2014-03-19  No threat detected

Problem is resolved.

Thank you!

Message was edited by: Ex_Brit on 23/03/14 7:44:36 EDT PM
0 Kudos
exbrit
Level 21

Re: Malware Artemis!BB6CEC789A39

Pity you didn't say that before. I've now edited the headers to read the Artemis detection number and have moved the thread to that section.

Hopefully someone from the lab will patrol here soon.

Artemis detections are "unknowns" that have been automatically submitted to the labs for investigation.

If something is identified, maybe wrongly as "Artemis" then McAfee already knows about it.  Merely send an email to virus_research@mcafee.com with the Artemis detection name and the words "False Artemis!++++++++++++" (where ++++++++++++ is the 12-digit code given to it) as the subject line. (Minus the "").

0 Kudos