>be me
>boss calls saying he hired a thirdparty to redo our website
>i find an vb file dropper code in one of the html files
>tell boss I prevented a disaster
>thirdparty gets fired and I get a bonus
TLDR; Windows users keep Linux users in business.
>>60509965
>vb file dropper code
Hwat
>>60509990
https://paste.fedoraproject.org/paste/RvCiNX9XcMUBBawWrDOutl5M1UNdIGYhyRLivL9gydE=
>>60510011
What is this
>>60510021
>>60509990
>>60510021
A fb file dropper, duh
Sarcasm aside I'm going to take an educated guess and assume it's a pre-compiled program designed to look like an ordinary background program, to do who knows what. It sounds like it was embedded in an HTML file, so it's a virus of some sort. Seeing as OP called it a file dropper I'd assume it carries a payload.
>>60510050
VB file dropper* typo
I know people who leave their router password at their default admin/admin account. When I tell them that's a bad idea, they just say "I trust my guests and they dont know how to do shit anyway".
I don't know what is this mental block people have when I try to tell them something. They think all they need is an "antivirus" to stay safe.
>>60510376
>when I try to tell them something
Get their replies in writing. See mental gears shift. Note immediate reaction.
Works every time.
>>60510011
https://www.virustotal.com/en/file/63b02a3e8e7e049d1f29cd4cd79fe5c8905754da6c023df72aa5cca351d0d5c5/analysis/
>first scanned in 2010
>>60513117
That doesn't look like the same worm. The entry point is different.