Most Valued Members Nightowl 187 Posted March 20 Most Valued Members Share Posted March 20 (edited) https://www.virustotal.com/gui/file/b1afbce51ad052f936b989214964d56e2290a7fb5548763273c1fc4382cd5c1c This is not being detected by ESET , but ESET is picking it up through Advanced Memory Scanner after being ran because it came through Skype as a 1.5mb shortcut pif , i kept a copy of it inside a passworded archieve , I sent the shortcut also for Analysis through right click and submit for analysis a variant of Win32/Spy.Agent.QGW trojan C7552D69B8A7257A489BCDC31BAD099F5C2D67EA a variant of Win32/Rescoms.B trojan D00E62B42CEE99EFF56C604CF7190E2F68B3F86E Those are files that the dropper drops them , but ESET memory scanner and startup scanner picks .dlls from Appdata\local\temp\threat.dll Edited March 20 by Nightowl Quote Link to comment Share on other sites More sharing options...
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.