Online threat report


Najmi

Jun 13, 2011, 12:56:05 AM
to malwareanalyser
Hi,

Testing out the --online option.
Does the --online option check VirusTotal or some other online
sandboxes?



najmi@dell ~/Desktop/malware-csm
$ ../malware_analyser\ 3.1/run.exe 64efaaca475ddb0fecab2884e6d6c989 --online


|---------------------------------------------------------------|
| beenudel1986[@]gmail[dot]com |
| Malware Analyzer(Static & Dynamic) 3.1 |
| 06/2009 analyse_malware.py |
| Do Visit www.BeenuArora.com |
| Last Updated : 12-06-2011 |
|---------------------------------------------------------------|


Analysing if PE file...


[+] Valid PE file.

[+] Malware File Size : 67 KB

[+] Verifying CRC from file

Claimed CRC and Actual CRC are different: Suspicious

Claimed: 0
Actual: 84154

[+] Verifying timestamp from file
0x200800 [Sun Jan 25 07:06:40 1970 UTC]SUSPICIOUS

[+] Computing Checksum for malware :64efaaca475ddb0fecab2884e6d6c989
[-]Checksum of malware :64efaaca475ddb0fecab2884e6d6c989
[+] No malware detected

najmi@dell ~/Desktop/malware-csm
$ clamscan.exe 64efaaca475ddb0fecab2884e6d6c989
LibClamAV Warning: **************************************************
LibClamAV Warning: *** The virus database is older than 7 days! ***
LibClamAV Warning: *** Please update it as soon as possible. ***
LibClamAV Warning: **************************************************
64efaaca475ddb0fecab2884e6d6c989: Worm.Allaple-56 FOUND

----------- SCAN SUMMARY -----------
Known viruses: 968005
Engine version: 0.97
Scanned directories: 0
Scanned files: 1
Infected files: 1
Data scanned: 0.06 MB
Data read: 0.06 MB (ratio 1.00:1)
Time: 15.646 sec (0 m 15 s)


Beenu

Jun 27, 2011, 8:12:11 AM
to malwareanalyser
Yes, it checks online for any reports on VT.

I will add the feature to add files to sandboxes sooner.