[Full-disclosure] patch-9449
Mike Shafer
news-letter-subs at its-secured.com
Fri Apr 13 17:59:05 BST 2007
Myself and a client have received several over the past 24hrs.
I submitted one as the password protected zip file to VirusTotal and
Kaspersky identified it as a virus/trojan as did several other AV
products. Names varied so I didn't record them. Was most interested in
seeing if there was a consistent identification of the archive.
Received another this morning which I unzipped on a Linux box then
tested with CA AV. It was identified as Win32/Pecoan.R
- Mike Shafer
Steward Smith wrote:
> Hi,
>
> Had a funny spam today that warned about mails coming from my IP address
> and I should apply the attached patch. The filename was named
> patch-9449.exe which was attached in a password protected zip file -
> presumably to fool your virus scanner.
Full-Disclosure is hosted and sponsored by Secunia.