Re: [Full-Disclosure] Virus infect on single user

From: morning_wood (se_cur_ity_at_hotmail.com)
Date: 02/09/04

  • Next message: Gadi Evron: "[Full-Disclosure] Outbreak warning: possibly Mydoom.C"
    To: "Rompax We Burn Everything" <rompax@hotmail.com>, <full-disclosure@lists.netsys.com>
    Date: Mon, 9 Feb 2004 10:28:16 -0800
    
    

    > I noticed that the file was last modified a day that i ddin't open my pc. Is
    there any change for that file to have >attributes than the real one?

    not uncommon for date manipulation with trojans. Beast 2.05 uses activeX
    startup routines and file date manipulation of the files ( files are dated
    8/23/2001 ).

    Donnie Werner
    morning_wood@exploitlabs.com
    http://exploitlabs.com

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html


  • Next message: Gadi Evron: "[Full-Disclosure] Outbreak warning: possibly Mydoom.C"