Full Disclosure mailing list archives
Re: Ms Update Spoof - W32.gibe - NOTE:VIRUS AT
From: Nick FitzGerald <nick () virus-l demon co uk>
Date: Sun, 25 May 2003 17:08:50 +1300
A plunger hiding behind the handle "morning_wood" wrote:
Analysis of "Update880.exe" W32.gibe - Trojan / Worm
"Analysis"?? Nah. What you did shows multiple levels of stupidity but nothing that passes for "analysis". Your actions allow others to analyse you to some degree, but do not contribute anything useful to the purposes of this list. <<snip>>
... This is a different variant than identified by Symantic in March 2003. ...
From a quick search of Symantec's web site, it seems that (what
Symantec calls) Gibe.C was the only Gibe variant discovered in March, so of course this one is different. Anyone with two functioning brain cells and a hint of an idea of what they were doing would very quickly work out that this variant is bit-for-bit identical to the standard form of the Gibe.B variant, discovered in February. Mr "morning_wood" -- next time you want to help like this, please resist the temptation until you've absorbed a few more clues. Despite what you may think, the list is not a virus distribution channel and the few times otehrs have posted samples previousaly have resulted in far more folk posting "don't do that" messages than posted "way to go" ones. Finally, Gibe.B is dead common -- if this is the first sample of it to arrive in your Email then you really are far from the cutting-edge of anything related to computer viruses. I'd suggest that you would therefore be much better off refraining from making public "contributions" about them and leave that to those who actually understand them and handle them on a regular and informed basis. -- Nick FitzGerald Computer Virus Consulting Ltd. Ph/FAX: +64 3 3529854 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: Ms Update Spoof - W32.gibe - NOTE:VIRUS ATACHED, (continued)
- Re: Ms Update Spoof - W32.gibe - NOTE:VIRUS ATACHED William Warren (May 24)
- Re: Ms Update Spoof - W32.gibe - NOTE:VIRUS ATACHED morning_wood (May 24)
- Re: Ms Update Spoof - W32.gibe - NOTE:VIRUS ATACHED William Warren (May 24)
- Re: Ms Update Spoof - W32.gibe - NOTE:VIRUS ATACHED morning_wood (May 24)
- Re: Ms Update Spoof - W32.gibe - NOTE:VIRUS ATACHED w g (May 24)
- RE: Ms Update Spoof - W32.gibe - NOTE:VIRUS ATACHED JT (May 24)
- SV: Ms Update Spoof - W32.gibe - NOTE:VIRUS ATACHED Peter Kruse (May 24)
- Re: Ms Update Spoof - W32.gibe - NOTE:VIRUS ATACHED morning_wood (May 24)
- Re: Ms Update Spoof - W32.gibe - NOTE:VIRUS ATACHED northern snowfall (May 24)
- Re: Ms Update Spoof - W32.gibe - NOTE:VIRUS ATACHED Nexus (May 25)