Full Disclosure: RE: Encrypted document

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Full Disclosure mailing list archives

RE: Encrypted document

From: Mike Tancsa <mike () sentex net>
Date: Thu, 01 Apr 2004 00:10:05 -0500


I think this is bagle.n no ? Both NAI and f-prot see it as that.

        ---Mike


At 10:22 PM 31/03/2004, Alerta Redsegura wrote:

Interesting one.
Kaspersky antivirus says it is "bvblpiewo.exe Suspicion: PSW-Worm".
Supposing the message was automatically generated and not manuallycrafted, the bmp-contained password is an interesting feature.
Iñigo Koch
redsegura.com
De: full-disclosure-admin () lists netsys com[mailto:full-disclosure-admin () lists netsys com]En nombre dege () egotistical reprehensible net
Enviado el: miércoles 31 de marzo de 2004 22:18
Para: full-disclosure () lists netsys com
Asunto: [Full-Disclosure] Encrypted document
Please, have a look at the attached file.

In order to read the attach you have to use the following password:
6921caf.bmp

Attachment: 6921caf.bmp
Description:

By Date By Thread

Current thread:

Encrypted document ge (Mar 31)
- RE: Encrypted document Alerta Redsegura (Mar 31)
  - RE: Encrypted document Iraklis A. Mathiopoulos (Mar 31)
  - RE: Encrypted document Mike Tancsa (Mar 31)
- <Possible follow-ups>
- Re: Encrypted document Iraklis A. Mathiopoulos (Mar 31)