[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] one new trojan

To: full-disclosure@xxxxxxxxxxxxxxxx
Subject: Re: [Full-Disclosure] one new trojan
From: Filbert <filbert@xxxxxxxxxx>
Date: Sat, 24 Jul 2004 20:25:28 +0200

On Saturday July 24 2004 19:13, Willem Koenings wrote:
> hi,
>
> today i encountered one new trojan : web.exe / services.exe,
> arrives in arc.zip and is executed via java. kaspersky
> doesn't identify this one yet. web exe is placed to the root
> dir, then copied as services.exe to the SystemRoot\inetg
>
> if anyone is curious to play with it :
>
> http://conyc.com/galleryg/arc.zip
>
> starter script is here:
>
> http://conyc.com/galleryg/starter.html
>
> willem.

NAV does recognise it as Trojan.ByteVerify.


-- 
echo "+++ATH0filb+++ATH0@xxxxxxxxxxxxx" | sed 's/+++ATH0//g'
 "Disclaimer:  Any similarities between what I say and what I mean 
  are purely coincidental." 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- [Full-Disclosure] one new trojan
  - From: Willem Koenings

Prev by Date: Re: [Full-Disclosure] Crash IE with 11 bytes ;)
Next by Date: RE: [Full-Disclosure] one new trojan
Previous by thread: [Full-Disclosure] one new trojan
Next by thread: RE: [Full-Disclosure] one new trojan
Index(es):
- Date
- Thread