Vulnerability Development mailing list archives

Outlook virus again.


From: "Kayne Ian (Softlab)" <Ian.Kayne () softlab co uk>
Date: Wed, 19 Sep 2001 08:31:25 +0100

Hey all,
      I'm having fun with Outlook recently, I'm beginning to wonder if
there's something funny on my system that needs a rebuild. Anyway,
attached is an email I received. Very obviously a virus, be careful with
it. It does some strange behaviour:

- Opening the message brings up prompts that insinuate the (er?!?) email
is trying to download something from the net
- Without opening the email, doing file-save in Outlook causes some
corruption of Outlook GUI & bad filenames.

It's also got part of a reg key in the subject.

I hexed it, it's got an exe attached to it, and does look a bit weird. The
exe doesn't show up as an attachment, but it's there inside the mail.

What worries me more is this one skipped by the mailscanner it came
through, the normal viruschecker when saved to hd, and the problem
happened on both my and a user's machine (mine with all the up to date
patches).

Just looking for someone to say "Yes it's the old one that came out last
year", or confirm it's something new... Either way I'll know where I
stand.

Note: BlueBoar asked me to add a password to the attached zip file, the
password is "outl0ok", that's all lower case, zero for the second o.

As stolen from someone else: "Outlook not so good" - that Magic 8 Ball knows
everything, I'll ask it about Exchange server next...

Cheers!

Ian Kayne
Technical Specialist - IT Solutions
Softlab Ltd - A BMW Company


 <<Nasty.zip>> 


Attachment: Nasty.zip