Submit Malware Here To Be Blacklisted - 2014 (NO LIVE MALWARE!)

Comodo Internet Security - CIS AV False Positive/Negative Detection Reporting

spywar January 1, 2014, 9:26pm 21

Crypted.exe
VT: 12/48
SHA1: 9e039a0e9e5a8374db7ea38a40a8ed5fa75d30d3

http://camas.comodo.com/cgi-bin/submit?file=6b947358449dac523775fbdb5b3d4c02f2d29d2b002b90338ba184cbb409e01d
http://valkyrie.comodo.com/Result.html?sha1=9e039a0e9e5a8374db7ea38a40a8ed5fa75d30d3&&query=0&&filename=Crypted.exe

qiuhui January 1, 2014, 9:48pm 22

Hi spywar & yigido

Thank you for your submission.
We’ll check these.

Best regards
Qiuhui.■■■■

spywar January 1, 2014, 9:51pm 23

server.exe
VT: 12/48
SHA1: 588885c7497a27fbd4023b2376bf8a656b11c52a

http://camas.comodo.com/cgi-bin/submit?file=158291614e0356e47fb6f2239f5f2ac4c1b4bb00ad46152e70b06b7ed3048e38
http://valkyrie.comodo.com/Result.html?sha1=588885c7497a27fbd4023b2376bf8a656b11c52a&&query=0&&filename=server.exe

GOA January 1, 2014, 9:57pm 24

SHA1 08fc0ddce312fb248ce7e647bde0a0deb6a59d5c

SHA1 a7fd79ea305cf39fa4350651b49c443d9b31497d

spywar January 1, 2014, 9:57pm 25

Both have been already reported and are under process, please look at VT comments.

spywar January 1, 2014, 11:03pm 26

mesphotos.scr
VT: 3/48
SHA1: 8284b316207530eb07e61eaa0d78788cb143e297

http://camas.comodo.com/cgi-bin/submit?file=2bd0545a0fc77f1caba1223251a8d2ba74a33c88d19f7c0b81fd6ba77882ed22
http://valkyrie.comodo.com/Result.html?sha1=8284b316207530eb07e61eaa0d78788cb143e297&&query=0&&filename=mesphotos.scr

lugo_58 January 1, 2014, 11:42pm 27

FlashPlayer.exe
VT : 6/47

SHA1 : 7e9f0fad6ddb4965eb76088570b7523b8d429ad5

http://valkyrie.comodo.com/Result.html?sha1=7e9f0fad6ddb4965eb76088570b7523b8d429ad5&&query=0&&filename=FlashPlayer.exe
http://camas.comodo.com/cgi-bin/submit?file=faaa140470f03dfdd4180288ccce2d0426644745bbabab396f92d765a45f3c26

qiuhui January 1, 2014, 11:52pm 28

Hi spywar & yigido

Thank you for your submission.
We’ll check these.

Best regards
Qiuhui.■■■■

spywar January 2, 2014, 7:44am 29

wtwt.exe
VT: 1/47
SHA1: 9838d192d44cfc168fd22fef5475952ccfb84b90

http://camas.comodo.com/cgi-bin/submit?file=eda3d312e6f60b33538e330677ff5e6ae7ea0555be046ac35f716184e2f8939c
http://valkyrie.comodo.com/Result.html?sha1=9838d192d44cfc168fd22fef5475952ccfb84b90&&query=0&&filename=wtwt.exe

ReviewsAntivirus January 2, 2014, 8:43am 30

Hi, have you noticed my submissions? You said “spywar & yigido” so I’m not sure.

spywar January 2, 2014, 8:52am 31

Adobe Flash Player.exe
VT: 9/47
SHA1: 2e4a601c786f6c43fbbf609d6b78c5f5d5bd8df0

http://camas.comodo.com/cgi-bin/submit?file=7b25babe60a48cf9afea747ae5e4f3e668440b9f98f4e9c9b949adf177ff39cc
http://valkyrie.comodo.com/Result.html?sha1=2e4a601c786f6c43fbbf609d6b78c5f5d5bd8df0&&query=0&&filename=Adobe%20Flash%20Player.exe

spywar January 2, 2014, 9:55am 32

hiii.exe
VT: 6/48
SHA1: c596ed4d130f14390b1f2121d62506c42e375e58

http://camas.comodo.com/cgi-bin/submit?file=c10f247d0a4f09d2a3512d2a1badbd586ebcdf2b8fda18e32fe855c521d32bd3
http://valkyrie.comodo.com/Result.html?sha1=c596ed4d130f14390b1f2121d62506c42e375e58&&query=0&&filename=hiii.exe

ryniek January 2, 2014, 10:07am 33

bill_0834521.pdf____________________________________________________________________________________________________________.exe - although it’s not considered harmful, it sure is.
Scanning this file while it’s being zipped, gives such results - bill_0834521.zip. Also Valkyrie detected it (PE, extracted from zip) as a malware.

spywar January 2, 2014, 10:15am 34

Even file name is quite suspicious.

spywar January 2, 2014, 10:18am 35

cricket, please don’t post anything in this thread, instead go here https://forums.comodo.com/av-false-positivenegative-detection-reporting/submit-malware-here-to-be-blacklisted-2014-no-live-malware-t100707.30.html.

lugo_58 January 2, 2014, 10:41am 36

uploaded to CIMA

SHA1 :

46b473d38d8114c4c6b0505856675f1729f70c97
0437fd43f0cdc0785abaf1f6dd593067adf91d9d
4b0a5503782bf295a9d8d12f6d88cb599e6d3e9d
a94b84c99c3ff351287a9443f9f194e5ebe4fc50
e88eebf9fe9afd90713b21c5745b2d0ce31254fc
1e50cf5f85a76c4dfcfecb4e63b722703983e1f8
c76de37fd200cf97ebfbe7da4ceef7e2e94ec186
0bbd984b186da36b3435e21df95c4ed737f039c5
827cc8bad41c5e0e395122842be7dda3186c5d66
7c2a95084500306ff471853866622dc46868faec
396c3040308c3c6d48a873bdceb03a343d0ea491
135018af1d0c9d37e240cbc49392d75e6c6e1d2e
a433176983db45260d1806575c060ebfb3c751a0
97a217c942ef204ae7946d890bff91bc403005bb
98f211226230057f93e1f79054b73ab333dff2d4

spywar January 2, 2014, 10:45am 37

TT Payment.exe
VT: 5/48
SHA1: 79d096d5e749dcfc397a66b4579b48b5522f1923

http://camas.comodo.com/cgi-bin/submit?file=f20b13ea5f08250e88d1da2a3c876e7a128efbe3bbb84911e56e0f1ed7009e51
http://valkyrie.comodo.com/Result.html?sha1=79d096d5e749dcfc397a66b4579b48b5522f1923&&query=0&&filename=TT%20Payment.exe

lugo_58 January 2, 2014, 11:06am 38

Uploaded to CIMA

SHA1 :

afd1d68feee2cc29aeab4ab767eaad93bf29f8de
0ffbc63c411e2d29c743bca7a4d500de311e5bee
f5b187046a0f33ae5256382ae4d064e54cf6632f
196550c02059517d8f5d47bef417a08680d451a4
57d25975b7aa50ff33b66eef7d345d28537710eb
46b473d38d8114c4c6b0505856675f1729f70c97
5d45d4b614bdb1d5c82c4012732193ddba5f9797
153abe6dcab4f8d8858620beae27f61cffeb7a9a
6c6aaada2a0dc305c2ed64a04918e38db20aef68
eeada32e13ec3e3bde544d659b303575154d1edb
bcda62e711d6236c9da392cc3328753834969551
c9b2d4342414fa24e8c570bb2d34a011598b2967
5c5d5b60225ed232f132cf7eb439cfe1ef291c23
97590090f36388c6422598f14d470d31d5c3fdb6
01e36596e42b6695ec60844bc203fa5afe9e7ba0

Priyadharsini January 2, 2014, 11:28am 39

Hi,

Thank you for your submissions.
We’ll check them and if found to be malware detection will be added.

Regards,
Priyadharsini.G

lugo_58 January 2, 2014, 11:48am 40

uploaded to CIMA