|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: WORM_MIMAIL.A Anyone have any info on what this does yet?
Michael.Washington
fitchratings.com
Date: Fri Aug 01 2003 - 13:24:36 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
McAfee here identified it as EXPLOIT-CODEBASE, but this is listed as known
in their dictionary since 2002. May be a misidentification on engine's
part. No cleaner was yet available. Checking with McAfee Avert and
WebImmune.
Danny
<drh26drexel.edu To: incidentssecurityfocus.com
> cc:
Subject: WORM_MIMAIL.A Anyone have any info on what this does yet?
08/01/2003 12:56
PM
We are getting flooded with these little puppies, does anyone have any
additional info on what this thing does once it infects a host?
I'll be infecting a box to test myself after i send this email but if
anyone has done testing already it would great to hear your input.
Norton have released a Def for this and identify the virus as
WORM_MIMAIL.A
(http://securityresponse.symantec.com/avcenter/venc/data/
w32.mimail.amm.html)
If any one would like a copy of the original code you can get it at
http://akasha.irt.drexel.edu/message.zip
Danny
Work - http://www.eBoundary.com - Secure, FreeBSD hosting.
Play - http://www.eBoundary.net - Who really sets your electronic
boundaries?
AIM: eBoundaryTch | ICQ: 3090141
---------------------------------------------------------------------------
----------------------------------------------------------------------------
---------------------------------------------------------------------------
----------------------------------------------------------------------------
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]