[Full-Disclosure] Encrypted document
Mike Tancsa
mike at sentex.net
Thu Apr 1 06:10:05 BST 2004
I think this is bagle.n no ? Both NAI and f-prot see it as that.
---Mike
At 10:22 PM 31/03/2004, Alerta Redsegura wrote:
>Interesting one.
>Kaspersky antivirus says it is "bvblpiewo.exe Suspicion: PSW-Worm".
>
>Supposing the message was automatically generated and not manually
>crafted, the bmp-contained password is an interesting feature.
>
>Iñigo Koch
>redsegura.com
>
>
>
>De: full-disclosure-admin at lists.netsys.com
>[mailto:full-disclosure-admin at lists.netsys.com]En nombre de
>ge at egotistical.reprehensible.net
>Enviado el: miércoles 31 de marzo de 2004 22:18
>Para: full-disclosure at lists.netsys.com
>Asunto: [Full-Disclosure] Encrypted document
>Please, have a look at the attached file.
>
>In order to read the attach you have to use the following password:
>6921caf.bmp
>
>
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 6921caf.bmp
Type: application/octet-stream
Size: 2094 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20040401/017c2b98/attachment.obj
Full-Disclosure is hosted and sponsored by Secunia.