No, that's variant of BloodHound and YES, even Norton Antivirus knows NOTHING about it. > -----Original Message----- > From: Hedges, Nigel [mailto:Nigel.Hedgesat_private] > Sent: Wednesday, May 09, 2001 9:14 AM > To: INCIDENTSat_private > Subject: > > > Thanks Blackhand, > > VBSWG.X (also known as VBS.VBSWG.X and VBS.Homepage) > Vet update 1205 includes detection for it. > And InoculateIT. > > I'd be surprised if most of the other major vendors haven't > already got > detection against this variant. > > Still worth posting about. > > Cheers, > > Nigel Hedges > Computer Associates > Technical Consultant (FSG Pre-Sales EM South) > Level 5 441 St.Kilda Rd > Melbourne VIC 3004 > Ph: +613 9821 3195 > Fax : +613 9821 3010 > Mob : +613 413 483 436 > Email: nigel.hedgesat_private > > -----Original Message----- > From: black-hand [mailto:blackat_private] > Sent: Wednesday, 9 May 2001 3:35 PM > To: INCIDENTSat_private > Subject: homepage worm > > Hi, > > There is a new VBS worm doing its rounds down here in Australia at the > moment, a lot of virus scanners arnt picking it up. Its not a > malicious > payload, but still.. > > ive put up the email, attachment and payload info here: > > http://black.wiretapped.net/homepagevirus.asp > > to bypass virus scanners, it does a simple decypher then execute > > black-hand > wiretapped - 2600 australia > http://black.wiretapped.net >
This archive was generated by hypermail 2b30 : Thu May 10 2001 - 19:12:03 PDT