| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue Aug 9 17:47:50 2005 From: Dan at dbambach.net (Dan Bambach) Subject: RE: New Worm? I did, and the result was it's a known worm as of 8-8-2005. Symantec now has updated information on this and should detect it in their defs on the 8-10. http://securityresponse.symantec.com/avcenter/venc/data/w32.beagle.cc@mm.htm l Dan Bambach -----Original Message----- It's worth submitting it to http://virusscan.jotti.org <http://virusscan.jotti.org> as well. Cheers, Phil ---- Phil Randal Network Engineer Herefordshire Council Hereford, UK _____ From: full-disclosure-bounces at lists.grok.org.uk [mailto:full-disclosure-bounces at lists.grok.org.uk] On Behalf Of Dan Bambach Sent: 09 August 2005 16:34 To: full-disclosure at lists.grok.org.uk Subject: [Full-disclosure] New Worm? I was "blessed" with an email that had a ZIP file attached called Beach.zip. The executable that was enclosed is called foto_bs363.exe. Is this a new one? A google search comes up blank, a yahoo search came up with one hit, www.symantec.com/avcenter/venc/data/pf/trojan.tooso.k.html <http://www.symantec.com/avcenter/venc/data/pf/trojan.tooso.k.html> . Interesting that when I sent it through VirusTotal, Symantec did not report anything and my Symantec does not detect any issues with it. Right now I have no way of testing this file, so anyone interested in it, let me know and I'll send it to you. Regards Dan DanATdbambach<>net -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20050809/2e71 ccc7/attachment.html
Powered by blists - more mailing lists