Full Disclosure mailing list archives
Re: POS#1 Self-Executing HTML: Internet Explorer 5.5 and 6.0
From: "Knud Erik Hojgaard" <knud () skodliv dk>
Date: Tue, 11 Nov 2003 18:38:36 +0100
Feher Tamas wrote:
Hello,Fully self-contained harmless *.exe: CAUTION: back up notepad.exe before opening http://www.malware.com/self-exec.zipKaspersky Antivirus says: TrojanDropper.VBS.Inor.i I wouldn't call this malware harmless. Please remove it!
Who cares what av-vendors say about certain files? A certain crappy antivirus solution will most likely flag this email as some sort of virus because of this string: $freebsd_string = $nop x $len . $ret x 2 . $nop x 1000 . $shellcode; ..at least it works if people use mirc and have logging enabled. crappy. -- kokanin _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- POS#1 Self-Executing HTML: Internet Explorer 5.5 and 6.0 Feher Tamas (Nov 11)
- Re: POS#1 Self-Executing HTML: Internet Explorer 5.5 and 6.0 Valdis . Kletnieks (Nov 11)
- Re: POS#1 Self-Executing HTML: Internet Explorer 5.5 and 6.0 Jeremiah Cornelius (Nov 11)
- Re: POS#1 Self-Executing HTML: Internet Explorer 5.5 and 6.0 Georgi Guninski (Nov 11)
- Re: POS#1 Self-Executing HTML: Internet Explorer 5.5 and 6.0 Knud Erik Hojgaard (Nov 11)
- <Possible follow-ups>
- RE: POS#1 Self-Executing HTML: Internet Explorer 5.5 and 6.0 Nick Jacobsen (Nov 11)
- RE: POS#1 Self-Executing HTML: Internet Explorer 5.5 and 6.0 bipin gautam (Nov 11)