Interesting, we began seeing something similar a few hours ago, which had
a faked link to our doamin that actually went to an IP based Web Site.
When attempting to access, I was given a prompt to download
"CONFIRM.COM". From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Colbeck, Andrew Sent: Monday, June 06, 2005 5:41 PM To: sniffer@SortMonster.com Subject: RE: [sniffer] New Spam/Virus? I'm
seeing what Scott sees, but the payload is an encrypted zip.
VirusTotal.com says:
This is a report
processed by VirusTotal on 06/06/2005 at 23:40:17 (CET) after scanning the file "DBB05F6330082B871.SMD" file.
VirusTotal is a free service offered by Hispasec Sistemas. There
are no guarantees about the availability and continuity of this service.
Although the detection rate afforded by the use of multiple antivirus engines is
far superior to that offered by just one product, these results DO NOT guarantee
the harmlessness of a file. Currently, there is not any solution that offers a
100% effectiveness rate for detecting viruses and malware. Andrew
8)
|
Title: Message
- Re: [sniffer] New Spam/Virus? Pete McNeil
- Re: [sniffer] New Spam/Virus? Scott Fisher
- Re: [sniffer] New Spam/Virus? Nick Hayer
- Re: [sniffer] New Spam/Virus? Jim Matuska
- RE: [sniffer] New Spam/Virus? Dave Koontz
- Re[2]: [sniffer] New Spam/Virus? Pete McNeil
- Re: Re[2]: [sniffer] New Spam/Virus? Jim Matuska
- Re[4]: [sniffer] New Spam/Virus? Pete McNeil
- RE: Re[4]: [sniffer] New Spam/Vi... John W. Enyart
- RE: [sniffer] New Spam/Virus? Colbeck, Andrew
- RE: [sniffer] New Spam/Virus? Dave Koontz
- RE: Re[2]: [sniffer] New Spam/Virus? Dave Marchette
- Re[4]: [sniffer] New Spam/Virus? Pete McNeil
- RE: [sniffer] New Spam/Virus? Colbeck, Andrew
- RE: [sniffer] New Spam/Virus? Colbeck, Andrew