Jump to content
draganp

Many online scanners find malicious code, Word macro downloader, but Kaspersky doesnt?

Recommended Posts

Hi there,

I got email with link to some file. The mail looks like reply to my email, but text was weird. I downloaded it and scanned online on Kaspersky VirusDesk..file was safe!?

I scanned it on www.virustotal.com and result was different. Screenshot attached. Can somebody check it also?

The link, that I got in email, to file is https://onedrive.live.com/redir?resid=4414C464F85FADCF%212141&authkey=%21AAK8Gd9E7OvX0D0&page=Download&canary=Aio1rYvOJ8oESZviMBccBk%2Boe7W90lQjFGFtH0vycus%3D2

Bye!

 

screenshot.jpg

Share this post


Link to post

Kaspersky Internet Security v19.0.0.1088(d)

Database release date: 14.01.2019 10:15

 

kasforum.jpg

kasforum2.jpg

Edited by Gjoksi

Share this post


Link to post

I am trying to help my friend who "sent" me the email with link to that infected file. Kaspersky VirusDesk now shows that file is infected, probably after updating...

I'm not even close to be expert for this, but I am trying for figure out what this virus does in this fake word file. So, I opened cleaned and original file in Notepad++. Like I said I am not expert, but I've found part of some script, with some Windows paths..but some expert needs to decode it so it can be readable ;) Is something like that an option? I also compared these two files, and lines with with that "script" in cleaned file, of course, are missing.

Maybe it is possible to find out what this script does if this fake word file is opened by ms word? Attached screenshot where you can see that script or whatever it is.

not.jpg

Share this post


Link to post

Hello,

We are not doing malware analysis on this forum. Please continue any questions/issues about this detection with Tech Support. :)

Share this post


Link to post

OK. Thanks anyway.

I already told my friend to contact support. Will he do it or not..I dont know...I was just wondering about how/what it works..

Share this post


Link to post

Unfortunately we do not discuss / nor support malware analysis on this forum. This is strictly for Kaspersky products support.

Share this post


Link to post

×
×
  • Create New...

Important Information

We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.