Full Disclosure mailing list archives
Re: patch-9449
From: Mike Shafer <news-letter-subs () its-secured com>
Date: Fri, 13 Apr 2007 12:59:05 -0400
Myself and a client have received several over the past 24hrs. I submitted one as the password protected zip file to VirusTotal and Kaspersky identified it as a virus/trojan as did several other AV products. Names varied so I didn't record them. Was most interested in seeing if there was a consistent identification of the archive. Received another this morning which I unzipped on a Linux box then tested with CA AV. It was identified as Win32/Pecoan.R - Mike Shafer Steward Smith wrote:
Hi, Had a funny spam today that warned about mails coming from my IP address and I should apply the attached patch. The filename was named patch-9449.exe which was attached in a password protected zip file - presumably to fool your virus scanner.
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- patch-9449 Steward Smith (Apr 12)
- Re: patch-9449 Matti Ranta (Apr 12)
- Re: patch-9449 mis (Apr 12)
- Re: patch-9449 Wong Chee Chun (Apr 13)
- Re: patch-9449 Mike Shafer (Apr 13)
- <Possible follow-ups>
- Re: patch-9449 Juha-Matti Laurio (Apr 13)
- Re: patch-9449 Matti Ranta (Apr 12)