[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [ok] [Full-Disclosure] Possible Virus/Trojan
- To: "'Andrew Farmer'" <andfarm@xxxxxxxxxxxx>, "'Curt Purdy'" <purdy@xxxxxxxxxx>
- Subject: RE: [ok] [Full-Disclosure] Possible Virus/Trojan
- From: "Todd Towles" <toddtowles@xxxxxxxxxxxxxxx>
- Date: Sun, 25 Jul 2004 22:05:46 -0500
It is a very smooth idea if it is a new e-mail worm. I haven't been able to
find any information from any AV companies on something like this. If it is
some kiddie trying to be smooth with me, this could be a new technique to
come.
-----Original Message-----
From: Andrew Farmer [mailto:andfarm@xxxxxxxxxxxx]
Sent: Sunday, July 25, 2004 6:06 PM
To: Curt Purdy
Cc: 'Mailing List - Full-Disclosure'; 'Todd Towles'
Subject: Re: [ok] [Full-Disclosure] Possible Virus/Trojan
On 25 Jul 2004, at 12:06, Curt Purdy wrote:
> Todd Towles wrote:
>> I received an e-mail today that looked very much like a virus. Here
>> is the message
>>
>> Attachment - erupts.avi.exe
>
>> Subject - New Southern California wildfire erupts
>
> <snip>
>
>> Either this is a new Trojan that changes it body and subject based on
>> the current AP news or someone used a very lame trick against me.
>> =)
>
> I'm guessing the latter. Although story scraping would be possible,
> intellegent naming of the .exe would not be. Most likely a friend...
> or
> enemy.
Sure it would be. In this case, at least, the executable is just named
based on the last word of the headline plus ".avi.exe".
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html