[Full-Disclosure] Encrypted document
Alerta Redsegura
alerta at redsegura.com
Thu Apr 1 04:22:11 BST 2004
Interesting one.
Kaspersky antivirus says it is "bvblpiewo.exe Suspicion: PSW-Worm".
Supposing the message was automatically generated and not manually crafted,
the bmp-contained password is an interesting feature.
Iñigo Koch
redsegura.com
De: full-disclosure-admin at lists.netsys.com
[mailto:full-disclosure-admin at lists.netsys.com]En nombre de
ge at egotistical.reprehensible.net
Enviado el: miércoles 31 de marzo de 2004 22:18
Para: full-disclosure at lists.netsys.com
Asunto: [Full-Disclosure] Encrypted document
Please, have a look at the attached file.
In order to read the attach you have to use the following password:
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20040331/c78ab08e/attachment.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/bmp
Size: 2094 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20040331/c78ab08e/attachment.bin
Full-Disclosure is hosted and sponsored by Secunia.