Endpoint Protection

  • 1.  Need Some Information

    Posted Feb 12, 2015 07:12 AM

    Hello all, I need some information on the link below. Has Symantec also created a corresponding signature for the following? Any link or reference would be helpful.

    https://malwr.com/analysis/NjE5NWVhZTU3MjU1NGU1NGI4YzMxZTQ2ZjNiMWRlMzA/

    https://www.virustotal.com/en/file/ffb14acfa77979a2cff576e10e6784399a3915a0ea63aa2cd176c34eb4e4560a/analysis/

    Regards,



  • 2.  RE: Need Some Information

    Posted Feb 12, 2015 07:21 AM

    Submit that hash to http://www.threatexpert.com/

    Also submit it to Symantec so they can look at it.

    https://submit.symantec.com/websubmit/gold.cgi



  • 3.  RE: Need Some Information

    Posted Feb 12, 2015 08:44 AM

    Hi Outrageous,

    Please do submit! The links refer to a .zip file. There's no info on what the hash is of the malicious file inside the .zip. (Looks like the typical .scr malware which also pops up a .rtf decoy document.)

    Feel free to PM me the tracking number once you have it!

    Many thanks,

    Mick



  • 4.  RE: Need Some Information

    Posted Feb 12, 2015 08:57 AM

    Hello Mick, unfortunately I don't have the ZIP file with me, but we have recently received an advisory that this threat is there, so I was looking to see if Symantec has a corresponding signature for this. Regards



  • 5.  RE: Need Some Information

    Posted Feb 12, 2015 09:12 AM

    OK, I recommend taking precautions to strengthen the defenses. The recommendations in this document would also apply to other threats like this one which use a malicious .scr:

    Support Perspective: CTB-Locker and other forms of Crypto malware
    https://www-secure.symantec.com/connect/blogs/support-perspective-ctb-locker-and-other-forms-crypto-malware



  • 6.  RE: Need Some Information

    Posted Feb 12, 2015 11:49 PM

    Hello, please confirm: if I put the hash to block this zip file in ADC, would it work to block this file?

    Regards



  • 7.  RE: Need Some Information

    Posted Feb 12, 2015 11:56 PM

    Yes, it will work, but I suggest you submit the file to the Symantec response team.



  • 8.  RE: Need Some Information

    Posted Feb 12, 2015 11:58 PM

    Thanks for your reply, James. Actually, I don't have the file with me; that's why I asked: if I put in the hash for the zip file, would it also work?

    Regards



  • 9.  RE: Need Some Information

    Posted Feb 13, 2015 12:14 AM

    Yes, it will work.

    How to use Application and Device Control to limit the spread of a threat.

    Article:TECH93451  |  Created: 2009-01-15  |  Updated: 2014-01-09  |  Article URL http://www.symantec.com/docs/TECH93451

    How to use Symantec Endpoint Protection to block or log legitimate but unauthorized software usage

    Article:TECH97618  |  Created: 2009-01-20  |  Updated: 2014-01-03  |  Article URL http://www.symantec.com/docs/TECH97618


  • 10.  RE: Need Some Information

    Posted Feb 13, 2015 08:05 AM

    You need to block the malicious file inside the zip.
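
The distinction raised in posts 3 and 10, as an added example that is not part of the original thread: the hash of a .zip and the hash of the file inside it are different values, and the same inner file repackaged yields a new archive hash. The payload and member names are constructed, harmless placeholders, and SHA-256 is used only because the VirusTotal link above is keyed by one.

```python
import hashlib
import io
import zipfile

MAX_MEMBER_SIZE = 50 * 1024 * 1024  # assumed cap so an oversized member is skipped


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def build_zip(member_name: str, payload: bytes, compression: int) -> bytes:
    """Build an in-memory zip with one member (constructed sample data)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", compression=compression) as zf:
        zf.writestr(member_name, payload)
    return buf.getvalue()


def member_hashes(zip_bytes: bytes) -> dict:
    """Map each member name to the SHA-256 of its extracted bytes."""
    hashes = {}
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            if info.is_dir() or info.file_size > MAX_MEMBER_SIZE:
                continue  # directories and oversized members are not hashed
            hashes[info.filename] = sha256_hex(zf.read(info))
    return hashes


# Constructed, harmless stand-in for the inner file; names are hypothetical.
PAYLOAD = b"constructed stand-in for the file inside the archive\n" * 64
ZIP_A = build_zip("document.scr", PAYLOAD, zipfile.ZIP_STORED)
ZIP_B = build_zip("renamed.scr", PAYLOAD, zipfile.ZIP_DEFLATED)

if __name__ == "__main__":
    for label, blob in (("archive A", ZIP_A), ("archive B", ZIP_B)):
        print(label, "sha256:", sha256_hex(blob))
        for name, digest in member_hashes(blob).items():
            print("  member", name, "sha256:", digest)
    # The archive hashes differ; the member hash is identical in both.
```

A rule keyed on the archive hash matches only that exact .zip, so the value to record for blocking is the one `member_hashes` reports for the extracted file.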