[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [Full-Disclosure] (no subject)
- To: "'Paul Szabo'" <psz@xxxxxxxxxxxxxxxxx>
- Subject: RE: [Full-Disclosure] (no subject)
- From: "Todd Towles" <toddtowles@xxxxxxxxxxxxxxx>
- Date: Mon, 9 Aug 2004 15:08:34 -0500
It appears to be what TrendMico calls Beagle.AC - IDE released at 2:30pm
Maybe it is dropping a older Trojan.
-----Original Message-----
From: Paul Szabo [mailto:psz@xxxxxxxxxxxxxxxxx]
Sent: Monday, August 09, 2004 3:06 PM
To: jgrotegut@xxxxxxxxxxxxxxxx; toddtowles@xxxxxxxxxxxxxxx
Subject: RE: [Full-Disclosure] (no subject)
> Anyone have any idea what this is ...
F-PROT ANTIVIRUS
Program version: 4.4.2
Engine version: 3.14.11
VIRUS SIGNATURE FILES
SIGN.DEF created 9 August 2004
SIGN2.DEF created 9 August 2004
MACRO.DEF created 10 May 2004
message->new__price.zip->price.html Infection: HTML/ObjData@exp
message->new__price.zip->price/price.exe is a dropper for W32/Mitglieder.W
Cheers,
Paul Szabo - psz@xxxxxxxxxxxxxxxxx http://www.maths.usyd.edu.au:8000/u/psz/
School of Mathematics and Statistics University of Sydney 2006 Australia
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html