Full Disclosure mailing list archives
Virus on web site
From: "Peter B. Harvey (Information Security)" <peterharvey () emergency qld gov au>
Date: Tue, 2 Aug 2005 14:49:49 +1000
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi all, This virus at the time of my posting this is only detedted by Kasperski and I cannot find any detail on the virus. Came in the email as given below. URL for the virus http://www.alias-search.com/images/msits.exe Also found was the following url also the same virus http://www.alias-search.com/images/msitsa.exe Kasperski detects it as msits.exe - infected by Backdoor.Win32.Haxdoor.dw Anyone with info on this virus? Peter Email Body Text ______________________________________________________________________ ___________________________________ <IFRAME width="1" height="1" SRC="http://www.alias-search.com/include/version_1567/select.html" frameBorder="1" scrolling="no"></IFRAME> <BR> Hi!<BR> At me a problem with sending.<BR> I can not remove a problem...<BR> See screen. Make preliminary search on this word.<BR> Thanks!<BR> <BR><BR> <A href="http://www.alias-search.com/include/version_1567/select.html">Sc reen</A> <BR> ______________________________________________________________________ ________________________ -----BEGIN PGP SIGNATURE----- Version: PGP 8.1 iQA/AwUBQu77bP2VmmbibZoUEQLaxACfW9oC10lGWQ738RaTEKok6ncr7TYAoNt9 gFvM0q5/rrtgJgXEpU3b4KBq =Fh/3 -----END PGP SIGNATURE----- This correspondence is for the named persons only. It may contain confidential or privileged information or both. No confidentiality or privilege is waived or lost by any mis transmission. If you receive this correspondence in error please delete it from your system immediately and notify the sender. You must not disclose, copy or relay on any part of this correspondence, if you are not the intended recipient. Any opinions expressed in this message are those of the individual sender except where the sender expressly, and with the authority, states them to be the opinions of the Department of Emergency Services, Queensland. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Virus on web site Peter B. Harvey (Information Security) (Aug 01)
- REGUSTERFLY To The White Courtesy Phone Please? (Was: Re: Virus on web site) J.A. Terranson (Aug 01)
- Re: Virus on web site Johannes Schneider (Aug 02)
- Re: Virus on web site Nick FitzGerald (Aug 02)
- <Possible follow-ups>
- Re: Virus on web site Peter B. Harvey (Information Security) (Aug 02)
- Re: Virus on web site Nick FitzGerald (Aug 02)