Try Sophos - www.sophos.com http://www.sophos.com/virusinfo/analyses/trojsysbuga.html
Thanks, Anthony Aykut Frame4 Security Systems Your Partner in IT Security http://www.frame4.com/ Tel/Fax : +31(0)172-515901 Mobile : +31(0)651-491507 -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Mike Sent: Tuesday, November 25, 2003 08:15 To: Tireman; [EMAIL PROTECTED] Subject: RE: [Full-Disclosure] Potentially new Virus Hi Andrew, The message body does ring a bell, but I don't remember what the virus is. I searched many different anti-virus vendor sites and googled. Which brings me to this question: why is it so damn hard for us to search for info on viruses by subject, msg body, or/and symptoms??? It gets really frustrating when you recognize certain characteristics of a virus but can't search for them!! Is there a service I'm unaware of? Thanks Mike -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Tireman Sent: Tuesday, November 25, 2003 6:57 PM To: [EMAIL PROTECTED] Subject: [Full-Disclosure] Potentially new Virus Has anyone come across a virus with the following message body and attached a file called 'Private.zip' which unzips to wendynaked.jpg.exe I couldn't find any info on Symantecs security response site or Google either. Message Body: ----- Start --- Hello my dear Mary, I have been thinking about you all night. I would like to apologize for the other night when we made beautiful love and did not use condoms. I know this was a mistake and I beg you to forgive me. I miss you more than anything, please call me Mary, I need you. Do you remember when we were having wild sex in my house? I remember it all like it was only yesterday. You said that the pictures would not come out good, but you were very wrong, they are great. I didn't want to show you the pictures at first, but now I think it's time for you to see them. Please look in the attachment and you will see what I mean. I love you with all my heart, James. Andrew ----- End ---- -- (6) It is easier to move a problem around (for example, by moving the problem to a different part of the overall network architecture) than it is to solve it. (6a) (corollary). It is always possible to add another level of indirection. -- RFC 1925 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
