RE: New Worm?

["Dan Bambach" <Dan () dbambach net>]

I did, and the result was it's a known worm as of 8-8-2005. Symantec now has
updated information on this and should detect it in their defs on the 8-10.

http://securityresponse.symantec.com/avcenter/venc/data/w32.beagle.cc () mm htm
l 

Dan Bambach

-----Original Message-----
It's worth submitting it to http://virusscan.jotti.org
<http://virusscan.jotti.org>  as well.
 
Cheers,
 
Phil
----
Phil Randal
Network Engineer
Herefordshire Council
Hereford, UK 
 
  _____  

From: full-disclosure-bounces at lists.grok.org.uk
[mailto:full-disclosure-bounces at lists.grok.org.uk] On Behalf Of Dan
Bambach
Sent: 09 August 2005 16:34
To: full-disclosure at lists.grok.org.uk
Subject: [Full-disclosure] New Worm?

I was "blessed" with an email that had a ZIP file attached called
Beach.zip. The executable that was enclosed is called foto_bs363.exe. Is
this a new one?  A google search comes up blank, a yahoo search came up
with one hit, www.symantec.com/avcenter/venc/data/pf/trojan.tooso.k.html
<http://www.symantec.com/avcenter/venc/data/pf/trojan.tooso.k.html> .
Interesting that when I sent it through VirusTotal, Symantec did not
report anything and my Symantec does not detect any issues with it.
Right now I have no way of testing this file, so anyone interested in
it, let me know and I'll send it to you.

Regards
Dan 

DanATdbambach<>net

-------------- next part --------------
An HTML attachment was scrubbed...
URL:
http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20050809/2e71
ccc7/attachment.html




_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/