Full Disclosure mailing list archives

Re: undetected stuff downloaded by pnp worm

From: Feher Tamas <etomcat () freemail hu>
Date: Tue, 6 Sep 2005 12:50:06 +0200 (CEST)

Hello,

One of the files is an undoubted malware, called
"trojan.proxy.agent.gm"

The other, larger file is a modified version of the "Serv-U"
ftp program.

Some AV vendors refuse to detect this as a virus, because it
could be used for legitimate purposes.

Other vendors detect it either as Serv-U.something or an
IRC-hacktool or an "IstBar" related threat. The world of
malware naming is a real mess.

Regards, Tamas Feher.


_______________________________________________________________________
[freemail] extra 1GB-os postafiókkal, Önnek már van? http://freemail.hu


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

undetected stuff downloaded by pnp worm Willem Koenings (Sep 03)
- Re: undetected stuff downloaded by pnp worm Willem Koenings (Sep 04)
- <Possible follow-ups>
- Re: undetected stuff downloaded by pnp worm Feher Tamas (Sep 06)