[Dshield] New Variant of Backdoor.Haxdoor
dshield at yaps4u.net
Tue Aug 15 22:12:26 GMT 2006
Martin Forest posted a message on 26th July about a new virus.
(Backdoor.Haxdoor.O or variant thereof)
Just had a new variant drop in one of my spamtraps that wasn't picked up by
Email me off list if you want the zip/binary.
Ran through VirusTotal and it appears to be quite new:
AntiVir 126.96.36.199 08.15.2006 no virus found
****Authentium 4.93.8 08.15.2006 W32/Haxdoor.LB@bd
Avast 4.7.844.0 08.15.2006 no virus found
AVG 386 08.15.2006 no virus found
BitDefender 7.2 08.15.2006 no virus found
****CAT-QuickHeal 8.00 08.14.2006 (Suspicious) - DNAScan
ClamAV devel-20060426 08.15.2006 no virus found
DrWeb 4.33 08.15.2006 no virus found
eTrust-InoculateIT 23.72.98 08.15.2006 no virus found
eTrust-Vet 30.3.3021 08.15.2006 no virus found
Ewido 4.0 08.15.2006 no virus found
****Fortinet 188.8.131.52 08.15.2006 suspicious
****F-Prot 3.16f 08.15.2006 security risk named W32/Haxdoor.LB@bd
F-Prot4 184.108.40.206 08.15.2006 no virus found
Ikarus 0.2.65.0 08.15.2006 no virus found
Kaspersky 220.127.116.11 08.15.2006 no virus found
McAfee 4830 08.15.2006 no virus found
Microsoft 1.1560 08.14.2006 no virus found
****NOD32v2 1.1707 08.15.2006 a variant of Win32/Haxdoor
****Norman 5.90.23 08.15.2006 Suspicious_F.gen
Panda 18.104.22.168 08.15.2006 Suspicious file
Sophos 4.08.0 08.15.2006 no virus found
****Symantec 8.0 08.15.2006 Backdoor.Trojan
TheHacker 22.214.171.124 08.14.2006 no virus found
UNA 1.83 08.15.2006 no virus found
****VBA32 3.11.0 08.15.2006 suspected of Trojan-Dropper.Microjoin.2
VirusBuster 4.3.7:9 08.15.2006 no virus found
The email has a similar format to the previous one:
Has a zip file with an executable within, named in my case Z3566043.zip
Thank you for shopping at our shop !
This e-mail is to inform you that your order has been shipped out.
The following information is for your reference (see details in the
* Order No.: Z3566043
* Order Date: 08/13/2006
SUBTOTAL : $1,769.99
SALESTAX : $0.00
SHIPPING : $16.81
TOTAL : $1,786.80
* Ship Via: FDX Overnight Delivery
[Ship Date :] 08/14/2006 [Tracking No:] 708745655472 Please note that if
your order includes more than one package, the packages may not be delivered
at the same time due to the shipping carrier's schedule and the delivery
method, and this is out of our control.
In addition, backordered items will be shipped separately.
You may check the status of your package's progress at our website.
Simply click on "Customer Service", then log into the "Member Center".
Customers who leave comments for us at either ResellerRatings.com or
Pricegrabber will be eligible to receive a flash drive or other cool prize!
FOUR drawings will take place every month -- one drawing from each review
site on the 1st and the 15th of every calendar month.
Thank you for shopping with us!
15% restocking fee applies to all refunds. All products must be returned in
like-new condition, including original packaging and all documentation and
accessories. Charges will be applied for all missing accessories or parts.
Our shop will not accept items that have been physically damaged or misused.
Return periods for different product categories range from zero to 30 days.
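
The lure described in this post (a shipping notice whose zip attachment is named after the order number and holds an executable) can be checked for at a mail gateway. The following is an added example, not part of the original post; the function names, the extension list, the order-number regex, and the constructed sample message (including the inner file name order.exe) are assumptions.

```python
import io
import re
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Assumption: extensions treated as directly executable on Windows.
EXEC_EXT = (".exe", ".scr", ".pif", ".com", ".bat", ".cmd")
ORDER_RE = re.compile(r"Order No\.:\s*([A-Z]\d{5,})")


def inspect_message(raw):
    """Return the reasons a raw RFC 822 message matches the lure."""
    msg = message_from_bytes(raw, policy=policy.default)
    body = msg.get_body(preferencelist=("plain",))
    order = ORDER_RE.search(body.get_content() if body else "")
    reasons = []
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        if not name.lower().endswith(".zip"):
            continue
        try:
            members = zipfile.ZipFile(io.BytesIO(part.get_content())).namelist()
        except zipfile.BadZipFile:
            reasons.append(f"{name}: unreadable zip")
            continue
        for member in members:
            if member.lower().endswith(EXEC_EXT):
                reasons.append(f"{name}: contains executable {member}")
        if order and name.lower() == order.group(1).lower() + ".zip":
            reasons.append(f"{name}: named after the order number in the body")
    return reasons


def build_sample(zip_name, member):
    """Constructed message; harmless bytes stand in for the attachment content."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(member, b"placeholder, not a real program")
    msg = EmailMessage()
    msg.set_content("* Order No.: Z3566043\n* Order Date: 08/13/2006\n")
    msg.add_attachment(buf.getvalue(), maintype="application",
                       subtype="zip", filename=zip_name)
    return msg.as_bytes()


if __name__ == "__main__":
    for reason in inspect_message(build_sample("Z3566043.zip", "order.exe")):
        print(reason)
```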