interesting new virus, maybe???
Hank Nussbacher
hank at att.net.il
Sat Jan 10 16:51:48 UTC 2004
At 11:16 AM 09-01-04 -0800, Brennan_Murphy at NAI.com wrote:
>Send it in to AVERT. It's free analysis and will give you
>recommendations for how to deal with it:
>
>https://www.webimmune.net/default.asp
>
>...does require registration but again, it's free.
>
>or email it in per instructions here:
>
>http://vil.nai.com/vil/submit-sample.asp
>
>other vendors may have similar mechanisms.
If you get a new virus here are some addresses:
Command Software <virus at commandcom.com>
Computer Associates (US) <virus at ca.com>
Computer Associates (Vet/EZ) <ipevirus at vet.com.au>
DialogueScience (Dr. Web) <Antivir at dials.ru>
Eset (NOD32) <sample at nod32.com>
F-Secure Corp. <samples at f-secure.com>
Frisk Software (F-PROT) <viruslab at f-prot.com>
Grisoft (AVG) <virus at grisoft.cz>
H+BEDV (AntiVir): <virus at antivir.de>
Kaspersky Labs <newvirus at kaspersky.com>
Network Associates (McAfee) <virus_research at avertlabs.com>
Norman (NVC) <analysis at norman.no>
Sophos Plc. <support at sophos.com>
Symantec (Norton) <avsubmit at symantec.com>
Trend Micro (PC-cillin) <virus_doctor at trendmicro.com>
-Hank
>-----Original Message-----
>From: owner-nanog at merit.edu [mailto:owner-nanog at merit.edu] On Behalf Of
>Scott Granados
>Sent: Friday, January 09, 2004 12:43 PM
>To: nanog at merit.edu
>Subject: interesting new virus, maybe???
>
>
>
>I'm not sure if anyone has seen this or if its just to early but.
>
>While opening mail, <not with a microsoft outlook product> I found
>something which looked different. The message was from pgp-public-key
>and
>said "Here is my key". When you look at the attachment its called
>youremail.doc.com obviously something meant to be executed. What struck
>
>me as different from the top was it wasn't from a support at microsoft or
>some such address it specifically mentioned pgp_public_key. Also, I
>obviously didn't try to run the code or do anything with it, it is 76 K
>in
>size and again called youremail.doc.com.
>
>I haven't tried a virus scanner against it yet but will later.
>
>Thanks
>
>Scott
More information about the NANOG
mailing list