RE: New virus: Alua! (Bagle.B)
From: Sean Kelly (sean_at_itsecurityconsultant.com)
Date: 02/17/04
- Previous message: Munoz, Hector: "RE: New virus: Alua! (Bagle.B)"
- In reply to: Seth Hall: "Re: New virus: Alua! (Bagle.B)"
- Next in thread: Jeremy Junginger: "RE: New virus: Alua! (Bagle.B)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: "'Seth Hall'" <shall@iotaengineering.com>, <incidents@securityfocus.com> Date: Tue, 17 Feb 2004 16:53:40 -0000
Sophos has also got this but identifies it as Tanx.a
Sean Kelly
IT Security Consultant
2 Tintern Street, Hanley, Stoke on Trent,
Staffordshire. ST1 3QU. England.
Email: sean@itsecurityconsultant.com
Website: www.itsecurityconsultant.com
GSM: (0044) 07792 982593
This message contains confidential information and is intended only for
the individual named. If you are not the named addressee you should not
disseminate, distribute or copy this e-mail. Please notify the sender
immediately by e-mail if you have received this e-mail by mistake and
delete this e-mail from your system. E-mail transmission cannot be
guaranteed to be secure or error-free as information could be
intercepted, corrupted, lost, destroyed, arrive late or incomplete, or
contain viruses. The sender therefore does not accept liability for any
errors or omissions in the contents of this message, which arise as a
result of e-mail transmission. If verification is required please
request a hard-copy version. IT Security Consultant, 2Tintern Street,
Hanley, Stoke on Trent, Staffordshire. ST1 3QU England,
www.itsecurityconsultant.com
-----Original Message-----
From: Seth Hall [mailto:shall@iotaengineering.com]
Sent: 17 February 2004 16:45
To: incidents@securityfocus.com
Subject: Re: New virus: Alua! (Bagle.B)
> Anyone got hit by this new virus yet?
>
> Any deep informations about it would be greatly appreciated! Do you
know
> what is the source code of the .php files it tries to execute on the
> websites?
Bitdefender has info on it, but no mention of .php files. From what it
looks
like (found at
http://www.bitdefender.com/bd/site/virusinfo.php?menu_id=1&v_id=193),
it's a
fairly standard exe-in-the-system32-folder, send itself to your address
book
type virus. It does launch Sound Recorder, though.
Seth Hall
------------------------------------------------------------------------
--- Free trial: Astaro Security Linux -- firewall with Spam/Virus Protection Protect your network with the comprehensive security solution that integrates six applications for ease of use and lower TCO. Firewall - Virus protection - Spam protection - URL blocking - VPN - Wireless security. Download 30-day evaluation at: http://www.astaro.com/php/contact/securityfocus.php ------------------------------------------------------------------------ ---- _______________________________________________ Scanned for all known viruses by Bucks Net in association with NetCleanse. Please consult http://www.bucks.net/av/ for more information.
_______________________________________________
Scanned for all known viruses by Bucks Net
in association with NetCleanse.
Please consult http://www.bucks.net/av/ for more information.
- application/x-pkcs7-signature attachment: smime.p7s
- Previous message: Munoz, Hector: "RE: New virus: Alua! (Bagle.B)"
- In reply to: Seth Hall: "Re: New virus: Alua! (Bagle.B)"
- Next in thread: Jeremy Junginger: "RE: New virus: Alua! (Bagle.B)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
