[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [ok] [Full-Disclosure] Possible Virus/Trojan
- To: <Valdis.Kletnieks@xxxxxx>, "'Curt Purdy'" <purdy@xxxxxxxxxx>
- Subject: RE: [ok] [Full-Disclosure] Possible Virus/Trojan
- From: "Todd Towles" <toddtowles@xxxxxxxxxxxxxxx>
- Date: Mon, 26 Jul 2004 15:29:23 -0500
It is a good idea but if it was a new version of a e-mail virus, we will be
seeing it all over the place by now.
I don't have a copy of the exe, it was deleted off the server before I could
get someone to save it. I have it on my client but Outlook is blocking it.
There may be a way of getting it out of Outlook but I am not sure if it is
worth the effort. Therefore I don't have the ability to dissemble it.
I was the only person in the company to get this type of e-mail which is
very odd, but I did get the very cool MyDoom.0 today as well.
-Todd
-----Original Message-----
From: Valdis.Kletnieks@xxxxxx [mailto:Valdis.Kletnieks@xxxxxx]
Sent: Monday, July 26, 2004 3:19 PM
To: Curt Purdy
Cc: 'Todd Towles'; 'Mailing List - Full-Disclosure'
Subject: Re: [ok] [Full-Disclosure] Possible Virus/Trojan
On Sun, 25 Jul 2004 14:06:55 CDT, Curt Purdy <purdy@xxxxxxxxxx> said:
> I'm guessing the latter. Although story scraping would be possible,
> intellegent naming of the .exe would not be. Most likely a friend... or
> enemy.
http://www.cnn.com/2004/WEATHER/07/26/new.mexico.flooding.ap/index.html
"Rain floods New Mexico".
http://www.cnn.com/2004/SHOWBIZ/Movies/07/26/halle.berry.ap/index.html
"Halle Berry falls for feline co-star"
Looks pretty easy to scrape the URL for a useful name... and if you've
already
scraped the story, you probably HAVE the URL you scraped it from... ;)
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html