Re: [ok] [Full-Disclosure] Possible Virus/Trojan

• Previous message: Todd Towles: "RE: [ok] [Full-Disclosure] Possible Virus/Trojan"
• In reply to: Curt Purdy: "RE: [ok] [Full-Disclosure] Possible Virus/Trojan"
• Next in thread: Todd Towles: "RE: [ok] [Full-Disclosure] Possible Virus/Trojan"
• Reply: Todd Towles: "RE: [ok] [Full-Disclosure] Possible Virus/Trojan"
• Reply: Todd Towles: "RE: [ok] [Full-Disclosure] Possible Virus/Trojan"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: "Curt Purdy" <purdy@tecman.com>
Date: Sun, 25 Jul 2004 16:05:53 -0700

On 25 Jul 2004, at 12:06, Curt Purdy wrote:
> Todd Towles wrote:
>> I received an e-mail today that looked very much like a virus. Here
>> is the message
>>
>> Attachment - erupts.avi.exe
>
>> Subject - New Southern California wildfire erupts
>
> <snip>
>
>> Either this is a new Trojan that changes it body and subject based on
>> the current AP news or someone used a very lame trick against me.
>> =)
>
> I'm guessing the latter. Although story scraping would be possible,
> intellegent naming of the .exe would not be. Most likely a friend...
> or
> enemy.

Sure it would be. In this case, at least, the executable is just named
based on the last word of the headline plus ".avi.exe".

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

• application/pgp-signature attachment: This is a digitally signed message part

• Previous message: Todd Towles: "RE: [ok] [Full-Disclosure] Possible Virus/Trojan"
• In reply to: Curt Purdy: "RE: [ok] [Full-Disclosure] Possible Virus/Trojan"
• Next in thread: Todd Towles: "RE: [ok] [Full-Disclosure] Possible Virus/Trojan"
• Reply: Todd Towles: "RE: [ok] [Full-Disclosure] Possible Virus/Trojan"
• Reply: Todd Towles: "RE: [ok] [Full-Disclosure] Possible Virus/Trojan"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]