Auto Attack and Grab but not BOT!!!

12/28/2007 21:18 Dark_Xero9#16
AhnLab-V3 2007.12.28.12 2007.12.28 -
AntiVir 7.6.0.46 2007.12.28 -
Authentium 4.93.8 2007.12.28 -
Avast 4.7.1098.0 2007.12.27 Win32:Agent-LWO
AVG 7.5.0.516 2007.12.28 BackDoor.Ircbot.7.K
BitDefender 7.2 2007.12.28 Dropped:Trojan.Keylog.Ardamax.NAJ
CAT-QuickHeal 9.00 2007.12.28 TrojanSpy.Ardamax.n
ClamAV 0.91.2 2007.12.28 -
DrWeb 4.44.0.09170 2007.12.28 -
eSafe 7.0.15.0 2007.12.27 -
eTrust-Vet 31.3.5408 2007.12.28 -
Ewido 4.0 2007.12.28 Logger.Ardamax.n
FileAdvisor 1 2007.12.28 -
Fortinet 3.14.0.0 2007.12.28 -
F-Prot 4.4.2.54 2007.12.28 -
F-Secure 6.70.13030.0 2007.12.28 Trojan-Spy.Win32.Ardamax.n
Ikarus T3.1.1.15 2007.12.28 Trojan-Spy.Win32.Ardamax.n
Additional information
File size: 745341 bytes
MD5: 94874b68177928e76d868c0301dfdce0
SHA1: cb7d44f7f1a5b442836460df2eee2b891eaeefb4
PEiD: -


ATTENTION: VirusTotal is a free service offered by Hispasec Sistemas. There are no guarantees about the availability and continuity of this service. Although the detection rate afforded by the use of multiple antivirus engines is far superior to that offered by just one product, these results DO NOT guarantee the harmlessness of a file. Currently, there is not any solution that offers a 100% effectiveness rate for detecting viruses and malware.





keylogger
12/28/2007 21:52 HonorMan#17
AhnLab-V3 - - -
AntiVir - - -
Authentium - - -
Avast - - -
AVG - - -
BitDefender - - -
CAT-QuickHeal - - TrojanDownloader.AutoIt.co
ClamAV - - -
DrWeb - - -
eSafe - - suspicious Trojan/Worm
eTrust-Vet - - -
Ewido - - -
FileAdvisor - - -
Fortinet - - -
F-Prot - - -
F-Secure - - -
Ikarus - - IM-Worm.Win32.Sohanad.cv
Kaspersky - - -
McAfee - - -
Microsoft - - -
NOD32v2 - - -
Norman - - -
Panda - - -
Prevx1 - - -
Rising - - -
Sophos - - -
Sunbelt - - -
Symantec - - -
TheHacker - - Trojan/Downloader.AutoIt.co
VBA32 - - -
VirusBuster - - -
Webwasher-Gateway - - -
12/28/2007 21:55 HonorMan#18
omg
12/28/2007 23:12 malakuias#19
is a backdor mther fu cker
12/28/2007 23:40 Dark_Xero9#20
listen to my scan not HonorMan
12/29/2007 17:30 socrat2000#21
One word " BAN "

Reasone: See ur self

File Auto_Attack_and_Grab.exe received on 12.29.2007 17:25:24 (CET)

Result: 16/32 (50%)

Antivirus Version Last Update Result
AhnLab-V3 2007.12.29.11 2007.12.29 Win-Trojan/Ardamax.14848.D
AntiVir 7.6.0.46 2007.12.29 -
Authentium 4.93.8 2007.12.29 -
Avast 4.7.1098.0 2007.12.28 Win32:Agent-LWO
AVG 7.5.0.516 2007.12.29 BackDoor.Ircbot.7.K
BitDefender 7.2 2007.12.29 Dropped:Trojan.Keylog.Ardamax.NAJ
CAT-QuickHeal 9.00 2007.12.29 TrojanSpy.Ardamax.n
ClamAV 0.91.2 2007.12.29 -
DrWeb 4.44.0.09170 2007.12.29 -
eSafe 7.0.15.0 2007.12.27 -
eTrust-Vet 31.3.5412 2007.12.29 -
Ewido 4.0 2007.12.29 Logger.Ardamax.n
FileAdvisor 1 2007.12.29 -
Fortinet 3.14.0.0 2007.12.29 -
F-Prot 4.4.2.54 2007.12.28 -
F-Secure 6.70.13030.0 2007.12.28 Trojan-Spy.Win32.Ardamax.n
Ikarus T3.1.1.15 2007.12.29 Trojan-Spy.Win32.Ardamax.n
Kaspersky 7.0.0.125 2007.12.29 Trojan-Spy.Win32.Ardamax.n
McAfee 5195 2007.12.28 -
Microsoft 1.3109 2007.12.29 TrojanSpy:Win32/Ardamax.A
NOD32v2 2755 2007.12.29 -
Norman 5.80.02 2007.12.28 W32/Ardamax.DTG
Panda 9.0.0.4 2007.12.29 -
Prevx1 V2 2007.12.29 W32.Malware.gen
Rising 20.24.52.00 2007.12.29 Trojan.Spy.Win32.Ardamax.n
Sophos 4.24.0 2007.12.29 Ardamax Installer
Sunbelt 2.2.907.0 2007.12.28 -
Symantec 10 2007.12.29 -
TheHacker 6.2.9.174 2007.12.28 -
VBA32 3.12.2.5 2007.12.29 Trojan-Spy.Win32.Ardamax.n
VirusBuster 4.3.26:9 2007.12.29 -
Webwasher-Gateway 6.6.2 2007.12.28 Riskware.Ardamax.K.Gen
Additional information
File size: 760790 bytes
MD5: 7579acc5cdc6b02c35905e6f1dacdbd8
SHA1: df42aeefde038d962fdc95a4898fb67ee511de20
PEiD: Armadillo v1.71
Prevx info: [Only registered and activated users can see links. Click Here To Register...]
12/29/2007 17:36 socrat2000#22
AUTO_ATTACK_AND_GRAB.EXE

Disagree with this determination?

This executable program has a file size of 760,790 bytes, it is most frequently called AUTO_ATTACK_AND_GRAB.EXE and is most frequently located in the %mai%\ folder.
This file is considered unsafe and is part of the malware group, W32.Malware.gen. It was first seen on Friday, Dec 28 2007. It has only been seen by one user in this section of the community. The file has only been seen in SPAIN.
AUTO_ATTACK_AND_GRAB.EXE has been seen to perform the following behavior:
- The Process is polymorphic and can change its structure