lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
From: knud at skodliv.dk (Knud Erik Hojgaard)
Subject: POS#1 Self-Executing HTML: Internet Explorer 5.5 and 6.0

Feher Tamas wrote:
> Hello,
>
>> Fully self-contained harmless *.exe:
>> CAUTION: back up notepad.exe before opening
>> http://www.malware.com/self-exec.zip
>
> Kaspersky Antivirus says:
> TrojanDropper.VBS.Inor.i
>
> I wouldn't call this malware harmless. Please remove it!

Who cares what av-vendors say about certain files? A certain crappy
antivirus solution will most likely flag this email as some sort of virus
because of this string:
$freebsd_string = $nop x $len . $ret x 2 . $nop x 1000 . $shellcode;
..at least it works if people use mirc and have logging enabled. crappy.

--
kokanin


Powered by blists - more mailing lists