lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
From: knud at skodliv.dk (Knud Erik Hojgaard) Subject: POS#1 Self-Executing HTML: Internet Explorer 5.5 and 6.0 Feher Tamas wrote: > Hello, > >> Fully self-contained harmless *.exe: >> CAUTION: back up notepad.exe before opening >> http://www.malware.com/self-exec.zip > > Kaspersky Antivirus says: > TrojanDropper.VBS.Inor.i > > I wouldn't call this malware harmless. Please remove it! Who cares what av-vendors say about certain files? A certain crappy antivirus solution will most likely flag this email as some sort of virus because of this string: $freebsd_string = $nop x $len . $ret x 2 . $nop x 1000 . $shellcode; ..at least it works if people use mirc and have logging enabled. crappy. -- kokanin