[Esa-l] New worm?
John D. Hardin
jhardin at impsec.org
Wed Apr 25 11:14:10 PDT 2001
On Wed, 25 Apr 2001, Brett Glass wrote:
> Note that there was no "From:" header -- a sure sign that
> something very odd was going on. There was also an attachment with
> the name
>
> EGFCHDEG.EXE
>
> Anyone know what this is? The MIME boundary fits the pattern for
> Hybris, and the string HYBRIS appears early in the binary, so I'm
> assuming that this is a Hybris variant. But John's sanitizer
> didn't quarantine the message. Fortunately, most of our users
> aren't foolish enough to open up an attachment that doesn't even
> say who it's from....
It didn't? Could you zip up the whole thing and send me a copy?
--
John Hardin KA7OHZ ICQ#15735746 http://www.wolfenet.com/~jhardin/
jhardin at wolfenet.com pgpk -a finger://gonzo.wolfenet.com/jhardin
768: 0x41EA94F5 - A3 0C 5B C2 EF 0D 2C E5 E9 BF C8 33 A7 A9 CE 76
1024: 0xB8732E79 - 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
An entitlement beneficiary is a person or special interest group
who didn't earn your money, but demands the right to take your
money because they *want* it.
-- John McKay, _The Welfare State:
No Mercy for the Middle Class_
-----------------------------------------------------------------------
1287 days until the Presidential Election
More information about the esd-l
mailing list