Re: Win32.Sircam.Worm Alert.....
From: dzzie@yahoo.comDate: 07/24/01
- Previous message: Stefan Osterlitz: "AW: CGI Perl Question"
- Maybe in reply to: EPiC: "Win32.Sircam.Worm Alert....."
- Next in thread: Pete Sherwood: "Re: Win32.Sircam.Worm Alert....."
- Next in thread: Nic: "Re: Win32.Sircam.Worm Alert....."
- Next in thread: Dom De Vitto: "RE: A code red that could bring down the net?"
- Reply: Pete Sherwood: "Re: Win32.Sircam.Worm Alert....."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: dzzie@yahoo.com To: security-basics@securityfocus.com Subject: Re: Win32.Sircam.Worm Alert..... Message-Id: <20010724184526.SKJB5378.pop03-srv.alltel.net@quas> Date: Tue, 24 Jul 2001 13:45:26 -0500
there also appears to be at least one variant i got that is not
detected by norton yet.
i made a quick program to extract the user file from
the virus, when it couldnt auto determine the file
type i took a closer look
it looks like this variant is a pack file with a bunch of exe's
i havent looked to close at it yet or extracted any of the programs
possibly a bug from multiple infections "piling" up the payload?
but even if it was just teh same payload over and over one of them
should have triggered norton i think
it arrived in the same Sircam fasion though so at least that is the
same.
- Previous message: Stefan Osterlitz: "AW: CGI Perl Question"
- Maybe in reply to: EPiC: "Win32.Sircam.Worm Alert....."
- Next in thread: Pete Sherwood: "Re: Win32.Sircam.Worm Alert....."
- Next in thread: Nic: "Re: Win32.Sircam.Worm Alert....."
- Next in thread: Dom De Vitto: "RE: A code red that could bring down the net?"
- Reply: Pete Sherwood: "Re: Win32.Sircam.Worm Alert....."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
