Full Disclosure mailing list archives

Re: Another noxious M$ trojan

From: "Gregory A. Gilliss" <ggilliss () netpublishing com>
Date: Wed, 19 Nov 2003 21:23:59 -0800

For all who were interested in reviewing the suspect binaries, I have 
posted them on my Web site:

http://www.gilliss.com/greg/bin/awsqyf.zip
http://www.gilliss.com/greg/bin/update1991.zip

The first is 52521 bytes and the second is 51529 bytes. Both executables,
when uncompressed, measure 106496 bytes. Each file expands to a Windows
.EXE file.

These files are suspected MALWARE and should not be executed except under
controlled circumstances. I accept no responsibility for damages.

BTW, I hope it's just another Gibe variant also...problem with running
UNIX and getting all these useless attachments >-)

G

-----Original Message-----
From: Gregory A. Gilliss [mailto:ggilliss () netpublishing com] 
Sent: Wednesday, November 19, 2003 6:22 PM
To: full-disclosure () lists netsys com
Subject: [Full-disclosure] Another noxious M$ trojan


Hello all:

Heads up - I received this in my mailbox this afternoon (Wednesday PST).

<SNIP> 

-- 
Gregory A. Gilliss, CISSP                              E-mail: greg () gilliss com
Computer Security                             WWW: http://www.gilliss.com/greg/
PGP Key fingerprint 2F 0B 70 AE 5F 8E 71 7A 2D 86 52 BA B7 83 D9 B4 14 0E 8C A3

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

Another noxious M$ trojan Gregory A. Gilliss (Nov 19)
- Re: Another noxious M$ trojan Valdis . Kletnieks (Nov 19)
- Re: Another noxious M$ trojan :-) (Nov 20)
  - Re: Another noxious M$ trojan Bart . Lansing (Nov 20)
- <Possible follow-ups>
- Re: Another noxious M$ trojan Gregory A. Gilliss (Nov 19)
  - Re: Another noxious M$ trojan Oliver Heinz (Nov 19)
  - Re: Another noxious M$ trojan Nick FitzGerald (Nov 19)
  - Message not available
    - Re: Another noxious M$ trojan Gregory A. Gilliss (Nov 19)