-----BEGIN PGP SIGNED MESSAGE----- On Sun, 12 Aug 2001, Pete Jacob wrote: > > > Has anyone run across this before? > > > > I'll have to see about collecting a copy of the binary. Until > > such time, this should probably be considered a *possible* trojan that > > should be ruled out. Fortunately, it's a Sunday, so we've got a little > > time before the Monday morning zombies come rolling in and contributing > > to the problem. :) > > I have two in my mail box today... Anyone have the binary? I don't need copies of the e-mail in question since the content does not appear to change. I'd like to get my hands on the .exe file that this site tried to disseminate. I just visited the page a little while ago and the directory and file are now missing. Preliminary pokes around the domains seem to indicate the involved party is in Panama, but this is the result of initial findings only. - -Jay ( ( _______ )) )) .--"There's always time for a good cup of coffee"--. >====<--. C|~~|C|~~| (>------ Jay D. Dyson -- jdysonat_private ------<) | = |-' `--' `--' `-------- Real men prefer full disclosure. --------' `------' -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: See http://www.treachery.net/~jdyson/ for current keys. iQCVAwUBO3cjLblDRyqRQ2a9AQE/kAQAnC57oJSGVonMtlKsPNEtb8qj5zuH1Zsq E5rIMOsaOz16JnNIJO4PLrVwapBlJPJH6KAR+LyTmzKo+2UyScvN0PRBWPCfBHdn BpUTky8717RlJvmL47o2evluiKkKOtoYt/7FKs5D1F+i0MyT2VQR75aclkDhkdB0 JvbfWp/L+Pc= =uirL -----END PGP SIGNATURE----- ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Mon Aug 13 2001 - 07:23:54 PDT