Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Security Incidents mailing list archives

RE: strange qmail actions
From: "Bojan Zdrnja" <Bojan.Zdrnja () FER hr>
Date: Fri, 13 Jul 2001 10:46:42 +0200
-----Original Message-----
From: Gerrit Scherpenzeel [mailto:n.scherpenzeel () chello nl]
Sent: 12. lipanj 2001 10:17
To: incidents () securityfocus com
Subject: strange qmail actions
----VEHAROPAJO1A7KLYBGXUN8H
Content-Type: application/octet-stream; name="MLJAJCML.EXE"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="MLJAJCML.EXE"

..]

Or something like this.

Sounds like a outlook virus to me, but why these strange mail
adresses?


This is probably W32/Hybris-C worm, which sends itself with different
filenames.
For more information check:
http://www.sophos.com/virusinfo/analyses/w32hybrisc.html

I happen to receive at least few of these worms each day :/

Regards,

Bojan Zdrnja





----------------------------------------------------------------------------


This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see:

http://aris.securityfocus.com

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]