[Emerging-Sigs] W32/Kyle Should Be Trojan?

Kevin Ross kevross33 at googlemail.com
Thu Sep 18 05:19:06 EDT 2014


Hi,

I am wondering if the W32/Kyle sig should be updated to ET Trojan? I saw it
this morning downloading a file which while it apparently was corrupted
even though I had no missing bytes (going to manually carve again from
recovered PCAP to be sure) Virsutotal suggests on 1 AV suggested it was
Zeus:

https://www.virustotal.com/en/file/0f01ae1eeed77b3cadd6fdc53cc3d43b244da172b32f389890cf48914a060941/analysis/

Kind regards,
Kevin Ross
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.emergingthreats.net/pipermail/emerging-sigs/attachments/20140918/fed022c8/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: W32Kyle.png
Type: image/png
Size: 83934 bytes
Desc: not available
URL: <http://lists.emergingthreats.net/pipermail/emerging-sigs/attachments/20140918/fed022c8/attachment-0001.png>


More information about the Emerging-sigs mailing list