funsec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: ? - I don't know where to send this one, so I'm sending i t here...

From: "Fergie" <fergdawg () netzero net>
Date: Wed, 2 Nov 2005 19:31:04 GMT
New Bagles being seeded.

Methinks the AV vendors are trying as best they can to keep
up with the onslaught of new Bagles being massively sent the
past few days...

- ferg


-- Rob Thompson <my.security.lists () gmail com> wrote:

Howdy all...

I have a few customers of mine that are getting e-mails that are a little off...

I don't really know where to start with this.  Basically, they are
getting e-mails to themselves from themselves at a different domain.

A file is attached (I am not including it in this e-mail but will send
it to those who request it should they so desire) in a zip named
"Info_prices.zip" within the zip is a file called "Text5546.exe".

I have Googled the file name for both the zip and executable and am
coming up with nothing.

OH - the subject line is just "FW:" it's a forwarded message that is blank.

I went to Symantec to try to submit a copy of the virus but apparently
I have to own a copy of their AV product and we don't use it here at
work.  Also, the vendor we do use is showing nothing in the a/v scan
AND they don't have a virus submit page either.

Anyone have any advice?  I fear that this may be something new, but
don't know how to confirm it.


--
Rob


--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg () netzero net or fergdawg () sbcglobal net
 ferg's tech blog: http://fergdawg.blogspot.com/


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
Previous By Date Next
Previous By Thread Next

Current thread: