ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Possible malicous file

    IT Discussion
    8
    17
    3.8k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T
      technobabble
      last edited by technobabble

      I found a file called maile.php on the server.

      First lines make me think it could be malware:

      "mailer inbox, mailer inbox to all, inbox 2013, inbox 2014, send inbox, send inbox to hotmail aol gmail, script mailer inbox, how to send inbox, send anonymous emails, alboraaq send inbox, unlimitid send inbox,by rocky & poter

      TEAM ALBORAAQ
      CONTACT[at]ALBORAAQ[dot]COM
      HTTP://WWW.ALBORAAQ.COM
      ( TOOLS - 2014 ) "

      Is there a way I can find out if it really is malware?

      1 Reply Last reply Reply Quote 1
      • scottalanmillerS
        scottalanmiller
        last edited by

        Looks like Malware to me. There are online submissions sites for this stuff.

        1 Reply Last reply Reply Quote 0
        • scottalanmillerS
          scottalanmiller
          last edited by

          http://scanthis.net/

          1 Reply Last reply Reply Quote 0
          • T
            technobabble
            last edited by technobabble

            Thanks, scanning now. Sucuri didn't find anything which I had tried before posting.

            1 Reply Last reply Reply Quote 0
            • NicN
              Nic
              last edited by

              You could try here too:
              https://www.virustotal.com/

              1 Reply Last reply Reply Quote 2
              • T
                technobabble
                last edited by

                Took a chance to download the file and then upload to http://virustotal.com.

                So far: PHP.Agent-AQ[Trj], VULCB21.Webshell, Trojan Mailfinder.PHP.Mailer.ac (and .p)

                Thanks guys...time to boot this customer.

                ? 1 Reply Last reply Reply Quote 4
                • MattSpellerM
                  MattSpeller
                  last edited by

                  http://www.saveurdujour.com/images/Maille-380g.gif

                  1 Reply Last reply Reply Quote 1
                  • ?
                    A Former User @technobabble
                    last edited by

                    @technobabble said:

                    Thanks guys...time to boot this customer.

                    Booting a customer for a virus? does that mean we can do end user replacements too if they get viruses?

                    DashrenderD MattSpellerM T 3 Replies Last reply Reply Quote 2
                    • DashrenderD
                      Dashrender @A Former User
                      last edited by

                      @thecreativeone91 said:

                      @technobabble said:

                      Thanks guys...time to boot this customer.

                      Booting a customer for a virus? does that mean we can do end user replacements too if they get viruses?

                      I was wondering that too... booting a client because of a virus?

                      1 Reply Last reply Reply Quote 1
                      • MattSpellerM
                        MattSpeller @A Former User
                        last edited by

                        @thecreativeone91 said:

                        does that mean we can do end user replacements too if they get viruses?

                        YES.

                        Although I don't know where we're going to find completely new staff for every business ever.

                        ? 1 Reply Last reply Reply Quote 0
                        • ?
                          A Former User @MattSpeller
                          last edited by

                          @MattSpeller said:

                          @thecreativeone91 said:

                          does that mean we can do end user replacements too if they get viruses?

                          YES.

                          Although I don't know where we're going to find completely new staff for every business ever.

                          Plenty of people looking for jobs out there.

                          DashrenderD 1 Reply Last reply Reply Quote 0
                          • DashrenderD
                            Dashrender @A Former User
                            last edited by

                            @thecreativeone91 said:

                            @MattSpeller said:

                            @thecreativeone91 said:

                            does that mean we can do end user replacements too if they get viruses?

                            YES.

                            Although I don't know where we're going to find completely new staff for every business ever.

                            Plenty of people looking for jobs out there.

                            But do you want to hire those people?

                            1 Reply Last reply Reply Quote 0
                            • T
                              technobabble @A Former User
                              last edited by

                              @thecreativeone91

                              LOL...no, the customer seemed sketchy when he signed up for hosting services and then added that file to the server. So booting = cancelling his service.

                              scottalanmillerS 1 Reply Last reply Reply Quote 2
                              • scottalanmillerS
                                scottalanmiller @technobabble
                                last edited by

                                @technobabble said:

                                @thecreativeone91

                                LOL...no, the customer seemed sketchy when he signed up for hosting services and then added that file to the server. So booting = cancelling his service.

                                Oh, you are thinking that it was intentional?

                                T 1 Reply Last reply Reply Quote 0
                                • T
                                  technobabble @scottalanmiller
                                  last edited by

                                  @scottalanmiller Yep...just checked with my cc provider and they have been trying to buy products and the cards are failing multiple times...I'm calling this fraud and scamming.

                                  dafyreD Reid CooperR 2 Replies Last reply Reply Quote 4
                                  • dafyreD
                                    dafyre @technobabble
                                    last edited by

                                    @technobabble Report his {censored} <content removed by moderator> @)(#&$)@&#$ to the Feds.

                                    1 Reply Last reply Reply Quote 3
                                    • Reid CooperR
                                      Reid Cooper @technobabble
                                      last edited by

                                      @technobabble said:

                                      @scottalanmiller Yep...just checked with my cc provider and they have been trying to buy products and the cards are failing multiple times...I'm calling this fraud and scamming.

                                      Sounds like it is time to run away.

                                      1 Reply Last reply Reply Quote 1
                                      • 1 / 1
                                      • First post
                                        Last post