I am always suspicious when I see an oversell for an attachment;
… Play this game in your attachment, 100% satisfaction!

A scan with VirusScan 8.5.0i shows nothing. Running DAT 5106 … this is the latest on our mirror, McAfee has DAT 5108! Once again our DAT mirror lets us down.
Skipping our mirror and updating from NAI gives the same detection as shown below.
Still suspicious, I move along to ClamAV portable v0.91.2 and Gotcha!
Scan Started Thu Aug 30 10:22:08 2007
-------------------------------------------------------------------------------
C:\%path%\game.zip: Trojan.Downloader-13141 FOUND
----------- SCAN SUMMARY -----------
Known viruses: 149596
Engine version: 0.91.2
Scanned directories: 0
Scanned files: 1
Skipped non-executable files: 0
Infected files: 1
Data scanned: 0.02 MB
Time: 4.547 sec (0 m 4 s)
--------------------------------------
Completed
--------------------------------------
Kaspersky online scan picks it up as Trojan-Downloader.Win32.Agent.cnh
Fortinet detects an infection but doesn’t identify it.
CA (VET) finds Win32/Cutwail!generic
And virustotal.com for a shotgun approach:
File game.zip received on 08.30.2007 03:02:00 (CET)
Result: 19/32 (59.38%)
Antivirus          Version       Last Update  Result
AhnLab-V3          2007.8.29.0   2007.08.29   -
AntiVir            7.4.1.66      2007.08.29   Worm/Ntech.G
Authentium         4.93.8        2007.08.29   W32/Downldr2.AOUA
Avast              4.7.1029.0    2007.08.29   Win32:Agent-KKK
AVG                7.5.0.484     2007.08.29   Downloader.Generic6.ZE
BitDefender        7.2           2007.08.30   Trojan.Kobcka.C
CAT-QuickHeal      9.00          2007.08.25   -
ClamAV             0.91.2        2007.08.29   Trojan.Downloader-13141
DrWeb              4.33          2007.08.30   BackDoor.Bulknet.60
eSafe              7.0.15.0      2007.08.29   -
eTrust-Vet         31.1.5095     2007.08.30   Win32/Cutwail!generic
Ewido              4.0           2007.08.29   -
FileAdvisor        1             2007.08.30   -
Fortinet           3.11.0.0      2007.08.29   W32/Agent.CEO!tr.dldr
F-Prot             4.3.2.48      2007.08.29   W32/Downldr2.AOUA
F-Secure           6.70.13030.0  2007.08.30   Trojan-Downloader.Win32.Agent.cnh
Ikarus             T3.1.1.12     2007.08.30   Win32.Outbreak
Kaspersky          4.0.2.24      2007.08.30   Trojan-Downloader.Win32.Agent.cnh
McAfee             5108          2007.08.29   Spy-Agent.bv.dldr
Microsoft          1.2803        2007.08.30   -
NOD32v2            2491          2007.08.30   a variant of Win32/TrojanDownloader.Agent.BRK
Norman             5.80.02       2007.08.29   -
Panda              9.0.0.4       2007.08.29   -
Prevx1             V2            2007.08.30   -
Rising             19.38.22.00   2007.08.29   -
Sophos             4.21.0        2007.08.29   Troj/Agent-GBX
Sunbelt            2.2.907.0     2007.08.25   -
Symantec           10            2007.08.30   Trojan.Pandex
TheHacker          6.1.9.175     2007.08.29   -
VBA32              3.12.2.3      2007.08.28   -
VirusBuster        4.3.26:9      2007.08.29   Trojan.DL.Agent.Gen.8
Webwasher-Gateway  6.0.1         2007.08.29   Worm.Ntech.G
Additional information
File size: 19535 bytes
MD5: ae40360f22fe752249725ae43857e7ce
SHA1: 1623939307fa72120ee08ef647a32aa0ee40a0c1