Security Basics mailing list archives

Re: 543.rar attachment

From: Andrew Pretzl <arp () norlight com>
Date: Fri, 4 Mar 2005 13:18:29 -0600

The dddd.exe file is some manner of malware (spyware I believe). The
543.rar is probably some random name chosen to try to disguise the dddd.exe
payload.
AP
-
=============================
Andrew Pretzl - CISSP
Security Administrator
Norlight Telecommunications
http://www.norlight.com
=============================
"Quis custodiet ipsos custodes?"


                                                                                                                        
               
                      "Ju Ne"                                                                                           
               
                      <ddjjembe1@hotmai        To:       security-basics () securityfocus com                           
                  
                      l.com>                   cc:       (bcc: Andrew Pretzl/Brookfield/Norlight)                       
               
                                               Fax to:                                                                  
               
                      03/04/2005 11:12         Subject:  543.rar attachment                                             
               
                      AM                                                                                                
               
                                                                                                                        
               
                                                                                                                        
               




We have been receiving an influx of emails that contained an attachment
called 543.rar.  Inside this .rar is an executable called dddd.exe.  Does
anyone know more information about this executable?

june

_________________________________________________________________
Don’t just search. Find. Check out the new MSN Search!
http://search.msn.click-url.com/go/onm00200636ave/direct/01/

Current thread:

543.rar attachment Ju Ne (Mar 04)
- Re: 543.rar attachment Alan Apperson (Mar 07)
- Re: 543.rar attachment Zachary Mutrux (Mar 07)
- Re: 543.rar attachment Alonso / ReYDeS (Mar 07)
- Re: 543.rar attachment Kevin Carlson (Mar 07)
- Re: 543.rar attachment Clinton Moore (Mar 07)
- Re: 543.rar attachment Service (Mar 07)
- Re: 543.rar attachment Curtis (Mar 07)
- Message not available
  - Re: 543.rar attachment Kinnell (Mar 07)
- Re: 543.rar attachment Thierry Zoller (Mar 07)
- <Possible follow-ups>
- Re: 543.rar attachment Andrew Pretzl (Mar 07)
- RE: 543.rar attachment Andrew Shore (Mar 07)
- RE: 543.rar attachment adisegna (Mar 08)
  - RE: 543.rar attachment Sean Crawford (Mar 09)
- RE: 543.rar attachment adisegna (Mar 11)
  - Re: 543.rar attachment Kinnell (Mar 14)
    - Re: 543.rar attachment Steven DeFord (Mar 14)
- Re: 543.rar attachment Jonathan Loh (Mar 14)
- RE: 543.rar attachment adisegna (Mar 14)
- Re: 543.rar attachment David J ONEILL (Mar 15)
  - RE: 543.rar attachment Sean Crawford (Mar 16)

(Thread continues...)