[Full-disclosure] Simcard 0day.

Blue Boar BlueBoar at thievco.com
Tue Jan 2 01:43:05 GMT 2007


dfklsddshd wrote:
> 1. Open attachment.

Does this actually work on people on a security mailing list?

					BB

Complete scanning result of "Simcard.com", received in VirusTotal at
01.02.2007, 02:38:58 (CET).

Antivirus	Version	Update	Result
AntiVir	7.3.0.21	01.01.2007	TR/Spy.Banker.73216
Authentium	4.93.8	12.30.2006	no virus found
Avast	4.7.892.0	12.30.2006	no virus found
AVG	386	01.01.2007	no virus found
BitDefender	7.2	01.01.2007	GenPack:Generic.Banker.OT.924A93D1
CAT-QuickHeal	8.00	01.01.2007	(Suspicious) - DNAScan
ClamAV	devel-20060426	01.01.2007	no virus found
DrWeb	4.33	12.31.2006	WIN.MAIL.WORM.Virus
eSafe	7.0.14.0	01.01.2007	Suspicious Trojan/Worm
eTrust-InoculateIT	23.73.102	12.30.2006	no virus found
eTrust-Vet	30.3.3289	12.29.2006	no virus found
Ewido	4.0	01.01.2007	no virus found
Fortinet	2.82.0.0	01.01.2007	suspicious
F-Prot	3.16f	12.30.2006	no virus found
F-Prot4	4.2.1.29	12.30.2006	no virus found
Ikarus	T3.1.0.27	01.01.2007	Trojan-Spy.Win32.Banker.axc
Kaspersky	4.0.2.24	01.02.2007	no virus found
McAfee	4929	12.29.2006	no virus found
Microsoft	1.1904	12.31.2006	no virus found
NOD32v2	1951	01.01.2007	probably unknown NewHeur_PE virus
Norman	5.80.02	12.31.2007	no virus found
Panda	9.0.0.4	01.01.2007	Suspicious file
Prevx1	V2	01.02.2007	no virus found
Sophos	4.13.0	01.01.2007	no virus found
Sunbelt	2.2.907.0	12.18.2006	VIPRE.Suspicious
TheHacker	6.0.3.141	01.01.2007	no virus found
VBA32	3.11.1	01.01.2007	no virus found
VirusBuster	4.3.19:9	01.01.2007	no virus found

Aditional Information
File size: 73216 bytes
MD5: 5f22c38e77383a68f865a2c8d9c84f0c
SHA1: c1a76dc5fa43d102b447057ce16ad44e8dcf456f
packers: YODA
packers: YodaProt
Sunbelt info: VIPRE.Suspicious is a generic detection for potential
threats that are deemed suspicious through heuristics.
VirusTotal is a free service offered by Hispasec Sistemas. There are no
guarantees about the availability and continuity of this service.
Although the detection rate afforded by the use of multiple antivirus
engines is far superior to that offered by just one product, these
results DO NOT guarantee the harmlessness of a file. Currently, there is
not any solution that offers a 100% effectiveness rate for detecting
viruses and malware.

Full-Disclosure is hosted and sponsored by Secunia.