    Possible malicious file

      technobabble last edited by technobabble

      I found a file called maile.php on the server.

      First lines make me think it could be malware:

      "mailer inbox, mailer inbox to all, inbox 2013, inbox 2014, send inbox, send inbox to hotmail aol gmail, script mailer inbox, how to send inbox, send anonymous emails, alboraaq send inbox, unlimitid send inbox,by rocky & poter

      TEAM ALBORAAQ
      CONTACT[at]ALBORAAQ[dot]COM
      HTTP://WWW.ALBORAAQ.COM
      ( TOOLS - 2014 ) "

      Is there a way I can find out if it really is malware?

        scottalanmiller last edited by

        Looks like malware to me. There are online submission sites for this stuff.

          scottalanmiller last edited by

          http://scanthis.net/

            technobabble last edited by technobabble

            Thanks, scanning now. Sucuri didn't find anything which I had tried before posting.

              Nic last edited by

              You could try here too:
              https://www.virustotal.com/

                technobabble last edited by

                Took a chance to download the file and then upload to http://virustotal.com.

                So far: PHP.Agent-AQ[Trj], VULCB21.Webshell, Trojan Mailfinder.PHP.Mailer.ac (and .p)

                Thanks guys...time to boot this customer.

                ? 1 Reply Last reply Reply Quote 4
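A server-side triage sketch for the question asked in this thread, added here as an example and not part of any poster's reply: it hashes the file so it can be looked up by hash, and searches the web root for other PHP files that carry the same banner or that call mail() on request input. Only the banner strings come from the first post; the function names, the heuristic regex and the constructed sample tree are assumptions.

```shell
#!/bin/sh
# Added example, not from the thread. BANNER_RE uses strings quoted in the
# first post; the function names and the sample tree are assumptions.
BANNER_RE='alboraaq|mailer inbox|send inbox'

# SHA-256 of one file, for a lookup by hash before uploading anything.
file_sha256() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    else
        shasum -a 256 "$1" | awk '{print $1}'
    fi
}

# PHP files under a web root that contain the banner strings (any case).
find_banner_files() {
    find "$1" -type f -name '*.php' -exec grep -liE "$BANNER_RE" {} + | sort
}

# PHP files that call mail() and read request input: the shape of a
# web-driven mailer. A heuristic for manual review, not a verdict.
find_request_mailers() {
    find "$1" -type f -name '*.php' \
        -exec grep -lE '(^|[^A-Za-z0-9_])mail[[:space:]]*\(' {} + |
    while IFS= read -r f; do
        if grep -qE '\$_(POST|GET|REQUEST)' "$f"; then printf '%s\n' "$f"; fi
    done | sort
}

# Hash, owner/mtime listing and path for every banner hit, to keep as
# evidence before the file is removed or the account is closed.
triage_report() {
    find_banner_files "$1" | while IFS= read -r f; do
        printf '%s  %s\n' "$(file_sha256 "$f")" "$f"
        ls -ln "$f"
    done
}

# Constructed sample tree so the script runs offline; point triage_report
# at the real document root instead.
demo() {
    d=$(mktemp -d) && mkdir -p "$d/site/inc"
    printf '<?php // TEAM ALBORAAQ ( TOOLS - 2014 )\n@mail($_POST["to"], $_POST["s"], $_POST["m"]);\n' > "$d/site/maile.php"
    printf '<?php mail("admin@example.test", "cron ok", "done");\n' > "$d/site/inc/notify.php"
    printf '<?php echo "hello";\n' > "$d/site/index.php"
    triage_report "$d/site"; find_request_mailers "$d/site"
    rm -rf "$d"
}
demo
```

Hits from find_request_mailers include legitimate contact forms, so each one needs a manual read before any action is taken.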
                  MattSpeller last edited by

                  Maille-380g.gif

                    A Former User @technobabble last edited by

                    > @technobabble said:
                    >
                    > Thanks guys...time to boot this customer.

                    Booting a customer for a virus? Does that mean we can do end user replacements too if they get viruses?

                      Dashrender @Guest last edited by

                      > @thecreativeone91 said:
                      >
                      > > @technobabble said:
                      > >
                      > > Thanks guys...time to boot this customer.
                      >
                      > Booting a customer for a virus? Does that mean we can do end user replacements too if they get viruses?

                      I was wondering that too... booting a client because of a virus?

                        MattSpeller @Guest last edited by

                        > @thecreativeone91 said:
                        >
                        > does that mean we can do end user replacements too if they get viruses?

                        YES.

                        Although I don't know where we're going to find completely new staff for every business ever.

                          A Former User @MattSpeller last edited by

                          > @MattSpeller said:
                          >
                          > > @thecreativeone91 said:
                          > >
                          > > does that mean we can do end user replacements too if they get viruses?
                          >
                          > YES.
                          >
                          > Although I don't know where we're going to find completely new staff for every business ever.

                          Plenty of people looking for jobs out there.

                            Dashrender @Guest last edited by

                            > @thecreativeone91 said:
                            >
                            > > @MattSpeller said:
                            > >
                            > > > @thecreativeone91 said:
                            > > >
                            > > > does that mean we can do end user replacements too if they get viruses?
                            > >
                            > > YES.
                            > >
                            > > Although I don't know where we're going to find completely new staff for every business ever.
                            >
                            > Plenty of people looking for jobs out there.

                            But do you want to hire those people?

                              technobabble @Guest last edited by

                              @thecreativeone91

                              LOL...no, the customer seemed sketchy when he signed up for hosting services and then added that file to the server. So booting = cancelling his service.

                                scottalanmiller @technobabble last edited by

                                > @technobabble said:
                                >
                                > @thecreativeone91
                                >
                                > LOL...no, the customer seemed sketchy when he signed up for hosting services and then added that file to the server. So booting = cancelling his service.

                                Oh, you are thinking that it was intentional?

                                  technobabble @scottalanmiller last edited by

                                  @scottalanmiller Yep...just checked with my cc provider and they have been trying to buy products and the cards are failing multiple times...I'm calling this fraud and scamming.

                                    dafyre @technobabble last edited by

                                    @technobabble Report his {censored} <content removed by moderator> @)(#&$)@&#$ to the Feds.

                                      Reid Cooper @technobabble last edited by

                                      > @technobabble said:
                                      >
                                      > @scottalanmiller Yep...just checked with my cc provider and they have been trying to buy products and the cards are failing multiple times...I'm calling this fraud and scamming.

                                      Sounds like it is time to run away.
