11-01-07, 12:51 PM   #1
evilghost
Bleeding edge Storm AV analysis

Quote:
Received: from client-81-105-70-61.popl.adsl.virgin.net [81.105.70.61]
Wed, 31 Oct 2007 16:55:43 -0500
Received: from idqct ([137.106.132.233]) by client-81-105-70-61.popl.adsl.virgin.net with Microsoft SMTPSVC(6.0.3790.0); Wed, 31 Oct 2007 21:54:11 +0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106
From: "greenjo1@bom5.vsnl.net.in" <greenjo1@bom5.vsnl.net.in>
Subject: [TEXT] [SLS] [HDR] [CHAR] Watch him dance
Date: Wed, 31 Oct 2007 16:54:11 -0500
X-Mailer: Microsoft Outlook Express 6.00.2800.1106
Message-ID: <000e01c81c08$91ca4ed0$e9846a89@idqct>
Received-SPF: none (domain of greenjo1@bom5.vsnl.net.in does not designated permitted sender hosts)
X-XWall-Heuristic: 30
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit

Just a little Halloween fun. http://201.250.104.203/

Figured I'd run the AV scanners through the wringer on halloween.exe and the 'dancing skeleton' to see just how accurate coverage is for this variant.

The results are here; as always, it seems the major vendors (McAfee) fail at detecting it, as usual.
