Thursday, July 22, 2010

Email report enhancements

Hello, we're made a few changes to the emailed report to make things clearer:


Nuclear report.pps:
https://www.vicheck.ca/md5query.php?hash=71803d893ed7d052fdb58f10da200fe9
RESULT: Embedded executable detected.
Encryption level: 256 byte key.
Confidence ranking: 100 (18 hits).

External hash searches:
VIRUS SCAN VirusTotal: 11/42 (26%) detected malware
REPORT http://www.virustotal.com/analisis/3bb1d1d441ab7412ca429ec2db6dbcf48e2b19323bf589d37698e76dc305044f-1279726141
VIRUS SCAN Threat Expert: New
VIRUS SCAN Team-CYMRU.org: New


and a sample with just potential javascript but no embedded malware:

e9b6bd98f6e38ac529ae33c18b3e7d2a.virus:
SCAN: Suspicious file - Javascript obfuscation syncAnnotScan to hide blocks
REPORT: https://www.vicheck.ca/md5query.php?hash=e9b6bd98f6e38ac529ae33c18b3e7d2a
Confidence ranking: 75 (2 hits).

External hash searches:
VIRUS SCAN VirusTotal: 0/42 not detected
REPORT http://www.virustotal.com/analisis/e6e36efb4a26863dca5de7c92e32fb59327f78d12df650e217dfffbb0458c7ee-1279592040
VIRUS SCAN Threat Expert: New
VIRUS SCAN Team-CYMRU.org: New


And lastly a sample executable file:
e3963db2ab325916fd84117e08252b9b.virus:
SCAN: skipped - see sandbox report - file format executable
REPORT: https://www.vicheck.ca/md5query.php?hash=e3963db2ab325916fd84117e08252b9b
Confidence ranking: 50 (1 hits).

External hash searches:
VIRUS SCAN VirusTotal: 11/41 (27%) detected malware
REPORT http://www.virustotal.com/analisis/3d43f262c19bba43cdd52c7eaa68a7c16759b52dcb03a77ad256281f6525399c-1279791222
VIRUS SCAN Threat Expert: New
VIRUS SCAN Team-CYMRU.org: New

No comments:

Post a Comment