検索:
ホーム   »     »   2 New Malwares Being Spammed

2 New Malwares Being Spammed

  • 投稿日:2005年12月5日
  • 脅威カテゴリ:未分類
  • 執筆:ウイルス解析担当者
0

Nope not worms. 1 Trojan and 1 Backdoor
(although backdoors are under Trojans, and are classified as Remote
Access Trojans, but as usual, I digress).


Attachment names are:
  • WithLove.zip (extracts as: “WithLove.jpg [looooots of
    spaces].exe”)
  • eirhb.zip (extracts as: “eirhb.txt [again looots of
    spaces].exe”)


The current detections are (based on MIST):
WithLove.zip (29,459 bytes)
  • TrendMicro : PAK_Generic.001
  • Symantec : NO_VIRUS
  • Kaspersky : Trojan-Spy.Win32.Goldun.fj
  • McAfee : Generic Malware.a!zip
  • Sophos : NO_VIRUS
  • Panda : NO_VIRUS


eirhb.zip (108,296 bytes)
  • TrendMicro : Possible_Virus
  • Symantec : NO_VIRUS
  • Kaspersky : Backdoor.Win32.SdBot.xd
  • McAfee : Generic Malware.a!zip
  • Sophos : NO_VIRUS
  • Panda : NO_VIRUS


How come this wasn’t posted under the advisories you say? Well as
you may have noticed, the advisories include email details. For
these 2 malwares, we do not yet have the email details, but our
sources indicate that these came from spammed emails.


Update (JJ,
02 December 2005 21:53:56)

Well well what do you know, the supposed
“Backdoor” is really a worm and will be detected as WORM_MYTOB.NF,
while the “WithLove” will be detected as TSPY_GOLDUN.BA. :D


Update (JJ,
02 December 2005 22:55:32)

Finally! An actual email sample from
WORM_MYTOB.NF! Check out the advisories page for the usual stuff.

No related posts.



  • 個人のお客さま向けオンラインショップ
  • |
  • 法人のお客さま向け直営ストア
  • |
  • 販売パートナー検索
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • 電子公告
  • ご利用条件
  • プライバシーポリシー
  • Copyright © 2021 Trend Micro Incorporated. All rights reserved.