2014-11-13
Truth in e-mail virus filenames
Attention: this item is more than 5 years old, links can be broken and information can have been updated.
Truth in e-mail virus attempts seen (note the filename) :Subject: MDaemon Notification -- Attachment Removed ----------------------------------------- order01.zip (order01\bot_crypted10394.scr)Oh, and another one came through with attachment:Archive: order01.zip Length Date Time Name -------- ---- ---- ---- 385024 11-12-14 17:00 order01/bot_crypted10394.scr -------- ------- 385024 1 file$ md5sum order01.zip ; sha256sum order01.zip ad9cb44bb7d64a8c5b619a4d37e7eb97 order01.zip ecd0ead687314c195a8072fe46fd513b46d61688c19398ec3edbfd6f92b4aca4 order01.zip $ md5sum order01/bot_crypted10394.scr ; sha256sum order01/bot_crypted10394.scr 509670b354f356dcd38f3d47408d9910 order01/bot_crypted10394.scr 93098ab5d8827339b17e4510676c40c79f6eb09c7cbb5cf0931100fce647a64f order01/bot_crypted10394.scrLots of German text in the .scr file:Mitgemeint7 Logistiktruppe Landschaftsstreifen Blumenart7 Friedensnobelpreis Priesterausbildung Luftmotor Form C:\prestigetr chtigem\Durchmischend6\Rauchgasexplosion\VB98\VB6.OLB Exzessiverem7 Raumverschwendungen7 Artikelstammwartung1And I pasted the complete strings -a bot_crypted10394.scr into pastebin.