Hi,
Testing out the --online option.
Does the --online option check VirusTotal or some other online
sandboxes?
najmi@dell ~/Desktop/malware-csm
$ ../malware_analyser\ 3.1/run.exe 64efaaca475ddb0fecab2884e6d6c989 --online
|---------------------------------------------------------------|
| beenudel1986[@]gmail[dot]com |
| Malware Analyzer(Static & Dynamic) 3.1 |
| 06/2009 analyse_malware.py |
| Do Visit www.BeenuArora.com |
| Last Updated : 12-06-2011 |
|---------------------------------------------------------------|
Analysing if PE file...
[+] Valid PE file.
[+] Malware File Size : 67 KB
[+] Verifying CRC from file
Claimed CRC and Actual CRC are different: Suspicious
Claimed: 0
Actual: 84154
[+] Verifying timestamp from file
0x200800 [Sun Jan 25 07:06:40 1970 UTC]SUSPICIOUS
[+] Computing Checksum for malware :64efaaca475ddb0fecab2884e6d6c989
[-]Checksum of malware :64efaaca475ddb0fecab2884e6d6c989
[+] No malware detected
najmi@dell ~/Desktop/malware-csm
$ clamscan.exe 64efaaca475ddb0fecab2884e6d6c989
LibClamAV Warning: **************************************************
LibClamAV Warning: *** The virus database is older than 7 days! ***
LibClamAV Warning: *** Please update it as soon as possible. ***
LibClamAV Warning: **************************************************
64efaaca475ddb0fecab2884e6d6c989: Worm.Allaple-56 FOUND
----------- SCAN SUMMARY -----------
Known viruses: 968005
Engine version: 0.97
Scanned directories: 0
Scanned files: 1
Infected files: 1
Data scanned: 0.06 MB
Data read: 0.06 MB (ratio 1.00:1)
Time: 15.646 sec (0 m 15 s)