Myself and a client have received several over the past 24hrs. I submitted one as the password protected zip file to VirusTotal and Kaspersky identified it as a virus/trojan as did several other AV products. Names varied so I didn't record them. Was most interested in seeing if there was a consistent identification of the archive.
Received another this morning which I unzipped on a Linux box then tested with CA AV. It was identified as Win32/Pecoan.R - Mike Shafer Steward Smith wrote: > Hi, > > Had a funny spam today that warned about mails coming from my IP address > and I should apply the attached patch. The filename was named > patch-9449.exe which was attached in a password protected zip file - > presumably to fool your virus scanner. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
