| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <OF15D44441.DBA6AD51-ON86256EEB.006CACA3-86256EEB.006CB8D6@kohls.com>
From: Bart.Lansing at kohls.com (Bart.Lansing@...ls.com)
Subject: (no subject)
Discovery Date : 8/10/2004 (PHL)
Origin : USA
Description ( updated : 8/9/2004 11:03:26 AM )
There are reports now in the USA of a malware spreading via email. The
file, price.exe, is spread as a ZIP file, and is included in a supposedly
manually-spammed email.
This price.exe file is a downloader and attempts to download a file named
2.jpg from different sites. The sites are currently inaccessible at the
time of this writing.
Infected customers also report a file named as windll.exe running in the
system.
TrendLabs is still currently analyzing the files and will soon post a more
detailed analysis.
--------------------------------------------------------------------------------
EPS Deliverables
Pattern
OPR 953 for WORM_BAGLE.AC
- Pattern under QA Testing 8/9/2004 11:23:44 AM
Thank you,
Fooks, LynnBart Lansing
Manager, Desktop Services
Kohl's IT
262-703-2911
full-disclosure-admin@...ts.netsys.com wrote on 08/09/2004 02:03:54 PM:
> (In regards to new_price.zip file attachment)
>
> Anyone have any idea what this is, we had some clients just get pretty
> hard with this email. I am unable to find anything on it, from my VERY
> Limited knowledge it appears to be a virus exploiting one of the many
> holes in IE. Anyone else see anything on this yet?
>
> Jonathan Grotegut
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
Powered by blists - more mailing lists