Trend has released an update, also reportedly a cleaner as well. -Bill -----Original Message----- From: Michael.Washingtonat_private [mailto:Michael.Washingtonat_private] Sent: Friday, August 01, 2003 2:25 PM To: Danny Cc: incidentsat_private Subject: Re: WORM_MIMAIL.A Anyone have any info on what this does yet? McAfee here identified it as EXPLOIT-CODEBASE, but this is listed as known in their dictionary since 2002. May be a misidentification on engine's part. No cleaner was yet available. Checking with McAfee Avert and WebImmune. Danny <drh26at_private To: incidentsat_private > cc: Subject: WORM_MIMAIL.A Anyone have any info on what this does yet? 08/01/2003 12:56 PM We are getting flooded with these little puppies, does anyone have any additional info on what this thing does once it infects a host? I'll be infecting a box to test myself after i send this email but if anyone has done testing already it would great to hear your input. Norton have released a Def for this and identify the virus as WORM_MIMAIL.A (http://securityresponse.symantec.com/avcenter/venc/data/ w32.mimail.aat_private) If any one would like a copy of the original code you can get it at http://akasha.irt.drexel.edu/message.zip Danny Work - http://www.eBoundary.com - Secure, FreeBSD hosting. Play - http://www.eBoundary.net - Who really sets your electronic boundaries? AIM: eBoundaryTch | ICQ: 3090141 --------------------------------------------------------------------------- ---------------------------------------------------------------------------- --------------------------------------------------------------------------- ---------------------------------------------------------------------------- --------------------------------------------------------------------------- ----------------------------------------------------------------------------
This archive was generated by hypermail 2b30 : Sun Aug 03 2003 - 08:46:45 PDT