Full Disclosure mailing list archives
Re: Virus / Trojan
From: Nick FitzGerald <nick () virus-l demon co uk>
Date: Sat, 10 Jan 2004 13:23:39 +1300
"Otero, Hernan (EDS)" <HOtero () lanchile cl> wrote:
Today found this suspicious file attached to an email, obviously is a virus (our AV donĀ“t detect it :-( ). The virus/trojan is very simple, the developer only put effort in obfuscate the strings inside the binary.
If you suspect it is a virus, why in heck post a sample to a public mailing list? If you suspect something is a new virus or other malware and your AV does not detect, for pity's sake send a sample of it to your AV developer. Better yet, send a sample to several AV developers you trust to analyse it properly and report back to you, but whatever else you do, do not send copies of it to thousands upon thousands of unknown folk. Fortunately the mail service you sent this from uses an AV that was updated for detecting this malware than the service where you received it (or, if the same service, the required update arrived in the interim between initial receipt and re-sending) and the file was detached from your message... -- Nick FitzGerald Computer Virus Consulting Ltd. Ph/FAX: +64 3 3529854 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Virus / Trojan Otero, Hernan (EDS) (Jan 09)
- Re: Virus / Trojan Exibar (Jan 09)
- Re[2]: Virus / Trojan Papp Geza (Jan 09)
- Re: Virus / Trojan Axel Pettinger (Jan 09)
- Re: Virus / Trojan William Warren (Jan 09)
- Re: Virus / Trojan Nick FitzGerald (Jan 09)
- <Possible follow-ups>
- RE: Virus / Trojan Nicolas CARTRON (Jan 09)
- RE: Virus / Trojan John LaCour (Jan 09)
- Re: Virus / Trojan PhilZ (Jan 15)
- Re: Virus / Trojan Koito Triabva (Jan 15)
- Re: Virus / Trojan Exibar (Jan 09)