[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-Disclosure] Yet another version of a worm mass mail? (Paypal.com new year offer)

To: full-disclosure@lists.netsys.com
Subject: [Full-Disclosure] Yet another version of a worm mass mail? (Paypal.com new year offer)
From: Michael Renzmann <security@dylanic.de>
Date: Thu, 15 Jan 2004 09:00:14 +0100

Hi all.

I received a mail which is said to be from Paypal.com (has been sent from an IP that is registered to an ISP in Venezuela), subject is "PAYPAL.COM NEW YEAR OFFER". Attached is a file called "paypal.zip" that contains a file "paypal.exe" (2592 bytes).

Is this yet another variant of a well-known mass mailing worm, or is this something new? I saved that mail, so if someone wants to take a closer look at it, let me know.

Bye, Mike

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Follow-Ups:
- Re: [Full-Disclosure] Yet another version of a worm mass mail? (Paypal.com new year offer)
  - From: Nick FitzGerald <nick@virus-l.demon.co.uk>
- Re: [Full-Disclosure] Yet another version of a worm mass mail? (Paypal.com new year offer)
  - From: Tobias Weisserth <tobias@weisserth.de>

Prev by Date: [Full-Disclosure] NetGear VFS/VFM 318 ProSafe Firewall/VPN issue?
Next by Date: Re: [Full-Disclosure] Virus / Trojan
Previous by thread: [Full-Disclosure] NetGear VFS/VFM 318 ProSafe Firewall/VPN issue?
Next by thread: Re: [Full-Disclosure] Yet another version of a worm mass mail? (Paypal.com new year offer)
Index(es):
- Date
- Thread