Endpoint Protection

  • 1.  Regarding Email Attach Malware invoice621785.pdf

    Posted Oct 16, 2014 08:27 AM

    Hi Everyone,

     

    Over the past 24 hours there have been a lot of heads-ups about this malware which gets transmitted. But we don't have any update in Symantec, unless I missed it when searching.

    Do you guys have any update?

    http://tools.cisco.com/security/center/viewAlert.x?alertId=36093

    https://malwr.com/analysis/NTI0MjU2MTk1ZmUyNGJhYjg1M2M0ZDhmOTIyZTY1ODU/

    http://r.virscan.org/report/26c2a2cbf3fc6e76c72c8cd5735b1291

    Any information is highly appreciated.

    Thanks



  • 2.  RE: Regarding Email Attach Malware invoice621785.pdf

    Posted Oct 16, 2014 10:46 AM

    Submit to Symantec for review

    http://www.symantec.com/security_response/submitsamples.jsp



  • 3.  RE: Regarding Email Attach Malware invoice621785.pdf

    Posted Oct 16, 2014 10:49 AM

    @Brian. Thanks. But I'm trying to get to know something about the infection.



  • 4.  RE: Regarding Email Attach Malware invoice621785.pdf

    Posted Oct 16, 2014 10:50 AM

    Then you need to submit to Symantec for further review and details.

    Best you can do now is submit to a site like VirusTotal or Anubis.



  • 5.  RE: Regarding Email Attach Malware invoice621785.pdf

    Posted Oct 17, 2014 03:33 AM

    I took the SHA256 from the malwr link and searched for it on virustotal.com. Symantec detects the file as Trojan.Pidief:

    https://www.virustotal.com/en/file/6b6fdc4b116802728ec763ac7b25472046465dd0cf58146b3755e7efcb83f135/analysis/



  • 6.  RE: Regarding Email Attach Malware invoice621785.pdf
    Best Answer

    Posted Oct 17, 2014 06:57 AM

    Hi Shiva,

    The links you mention are about MD5 536445d39de9f19947aa493c1ee57751. Symantec detects that particular file as "Trojan.Pidief" in any set of definitions since "10/15/2014 rev. 19."

    There are constantly new variants of this same "Trojan.Pidief" threat in circulation, so definitely make sure that a mail security solution is in place in your organization to scan all incoming mail.

    Please do take the time to update this thread and mark it solved, if this has answered your query!  &: )

    With many thanks,

    Mick