> -----Original Message----- > From: Gerrit Scherpenzeel [mailto:n.scherpenzeelat_private] > Sent: 12. lipanj 2001 10:17 > To: incidentsat_private > Subject: strange qmail actions > ----VEHAROPAJO1A7KLYBGXUN8H > Content-Type: application/octet-stream; name="MLJAJCML.EXE" > Content-Transfer-Encoding: base64 > Content-Disposition: attachment; filename="MLJAJCML.EXE" > > ..] > > Or something like this. > > Sounds like a outlook virus to me, but why these strange mail > adresses? This is probably W32/Hybris-C worm, which sends itself with different filenames. For more information check: http://www.sophos.com/virusinfo/analyses/w32hybrisc.html I happen to receive at least few of these worms each day :/ Regards, Bojan Zdrnja ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Fri Jul 13 2001 - 15:43:43 PDT