RE: [Full-Disclosure] Encrypted document
Date: Thu Apr 01 2004 - 00:10:05 EST
I think this is bagle.n no ? Both NAI and f-prot see it as that.
---Mike
At 10:22 PM 31/03/2004, Alerta Redsegura wrote:
>Interesting one.
>Kaspersky antivirus says it is "bvblpiewo.exe Suspicion: PSW-Worm".
>
>Supposing the message was automatically generated and not manually
>crafted, the bmp-contained password is an interesting feature.
>
>Iñigo Koch
>redsegura.com
>
>
>
>De: full-disclosure-admin@lists.netsys.com
>[mailto:full-disclosure-admin@lists.netsys.com]En nombre de
>ge@egotistical.reprehensible.net
>Enviado el: miércoles 31 de marzo de 2004 22:18
>Para: full-disclosure@lists.netsys.com
>Asunto: [Full-Disclosure] Encrypted document
>Please, have a look at the attached file.
>
>In order to read the attach you have to use the following password:
>6921caf.bmp
>
>
>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
- application/octet-stream attachment: 6921caf.bmp
This archive was generated by hypermail 2.1.8 : Thu Apr 01 2004 - 01:01:04 EST
