Re: Finding out who owns particular IP addresses

[Octavian Popescu <octav () HIDEOUT ART RO>]

Well,it looks like you received the Hybris virus in one of it's many
forms.
In the last time,it is ussually sent as an attachment with a random
name,composed of eight capitalized letters. Some of the previous
attachment names included joke.exe,dwarf4you.exe,midget.scr and appeared
to be sent from "hahaha () sexyfun net".
Visit www.sexyfun.net for more details - some hosting company bought
the domain and posted some info related to this virus.

--
Octavian Popescu
http://hideout.art.ro

On Thu, 11 Jan 2001, Smith, Lonnie wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
>  I deleted it but some one else just emailed me and they knew what it
>  was the attachment was "GBHPBJGH.EXE"  and he said that his wont
>  have headers aswell. Thanks LONNIE
>
> - -----Original Message-----
> From: Octavian Popescu [mailto:octav () HIDEOUT ART RO]
> Sent: Thursday, January 11, 2001 9:11 PM
> To: INCIDENTS () SECURITYFOCUS COM
> Subject: Re: Finding out who owns particular IP addresses
>
>
> Can you just paste the header? (it must show at least the last mx it
> passed through)
>
> On Thu, 11 Jan 2001, Smith, Lonnie wrote:
>
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> > Is anyone aware of an email with absolutely no header? I received a
> > email with an exe. attachment with no header at all. Wouldn't even
> > show me the mail exchangers it went thru?
> >
> > -----BEGIN PGP SIGNATURE-----
> > Version: PGPfreeware 6.5.8 for non-commercial use
> > <http://www.pgp.com>
> >
> > iQA/AwUBOl4tyB3TooPmG5KtEQJjEgCgysb6lZABduu7hUxdQ7HJPsw95EsAoPL/
> > PIdLqOqqxRGmwXf1LKBtTf07
> > =w5HJ
> > -----END PGP SIGNATURE-----
>
> -----BEGIN PGP SIGNATURE-----
> Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>
>
> iQA/AwUBOl5VlR3TooPmG5KtEQJ+yQCeM8oIaKFtxqjhVfZqPrASLOUfjlEAoOwj
> 6UYQIPhSUE8iY8OvHW8kuaSn
> =NSJf
> -----END PGP SIGNATURE-----