Full Disclosure mailing list archives
Re: Re: Online Script Decoder
From: Willem Koenings <infsec () gmail com>
Date: Mon, 13 Dec 2004 15:08:32 +0200
It's a trojan-dropper called VBS.Zerolin and it tries to download an executable file also belonging to the trojan-downloader family. It is called malware Win32.Zdesnado.Y What that exe file tries to download, I don't know.
hi,
It's a trojan-dropper called VBS.Zerolin and it tries to download an executable file also belonging to the trojan-downloader family. It is called malware Win32.Zdesnado.Y What that exe file tries to download, I don't know.
it's also known as W32/Lowzones.J and Troj/Crabton-B http://www.sophos.com/virusinfo/analyses/trojcrabtonb.html http://vi.db.kingsoft.com/virus.php?fid=1597 latter is in simplified chinese, use babelfish to read. W. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Online Script Decoder GreyMagic Security (Dec 07)
- <Possible follow-ups>
- Re: Online Script Decoder Paul Szabo (Dec 07)
- Re: Online Script Decoder Elia Florio (Dec 07)
- Re: Online Script Decoder Feher Tamas (Dec 13)
- Re: Re: Online Script Decoder Willem Koenings (Dec 13)