Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: [ok] Possible Virus/Trojan
From: Andrew Farmer <andfarm () teknovis com>
Date: Sun, 25 Jul 2004 16:05:53 -0700

On 25 Jul 2004, at 12:06, Curt Purdy wrote:
Todd Towles  wrote:
I received an e-mail today that looked very much like a virus. Here is the message

Attachment - erupts.avi.exe

Subject - New Southern California wildfire erupts

<snip>

Either this is a new Trojan that changes it body and subject based on the current AP news or someone used a very lame trick against me. =)

I'm guessing the latter.  Although story scraping would be possible,
intellegent naming of the .exe would not be. Most likely a friend... or
enemy.

Sure it would be. In this case, at least, the executable is just named based on the last word of the headline plus ".avi.exe".

Attachment: PGP.sig
Description: This is a digitally signed message part


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]