-
February 3rd, 2004, 05:32 PM
#1
Strange Email Attachment Virus
I got an odd e-mail this morning. It's obviously a mail attachment virus/worm of some sort, but the e-mail doesn't seem to fit the typical MyDoom mailings. It's a "returned e-mail" that says I had unsuccesfully sent out a message entitled "Server Report". From what I've read thus far I have heard of MyDoom pretending to be an undeliverable e-mail message, but not quite as specific as this one (as a "Server Report"?). The antivirus software did it's job of eliminating it well, so the actual attachment is gone (darn the luck, was hoping to play with it). But here's the text from the e-mail body:
----------------------------------------------------------------------------------------------------------
Your message
To: jose@nab.org
Subject: Server Report
Sent: Tue, 3 Feb 2004 07:51:58 -0500
did not reach the following recipient(s):
jose@nab.org on Tue, 3 Feb 2004 07:52:00 -0500
The recipient name is not recognized
The MTS-ID of the original message is: c=us;a=
;p=ex-nab;l=MAIL040203125111RVNT9D
MSEXCH:IMS:EX-NAB:WASHDC:MAIL 0 (000C05A6) Unknown Recipient
*** Original Email:
From: james@hutchinson-ifrah.com
To: jose@nab.org
Subject: Server Report
Date: Tue, 3 Feb 2004 07:51:58 -0500
MIME-Version: 1.0
X-Mailer: Internet Mail Service (5.5.2653.19)
X-MS-Embedded-Report:
Content-Type: multipart/mixed;
Mail transaction failed. Partial message is available.
*** End Original Email
---------------------------------------------------------------------------------------------------------
Does this look familiar to anyone?
-
February 3rd, 2004, 05:35 PM
#2
Actually it does those too.
Source: Network Associates
From: (Spoofed email sender)
Do not assume that the sender address is an indication that the sender is infected. Additionally you may receive alert messages from a mail server that you are infected, which may not be the case.
Subject: (Varies, such as)
* Error
* Status
* Server Report
* Mail Transaction Failed
* Mail Delivery System
* hello
* hi
Body: (Varies, such as)
* The message cannot be represented in 7-bit ASCII encoding and has been sent as a binary attachment.
* The message contains Unicode characters and has been sent as a binary attachment.
* Mail transaction failed. Partial message is available.
Attachment: (varies [.bat, .exe, .pif, .cmd, .scr] - often arrives in a ZIP archive) (22,528 bytes)
* examples (common names, but can be random)
* doc.bat
* document.zip
* message.zip
* readme.zip
* text.pif
* hello.cmd
* body.scr
* test.htm.pif
* data.txt.exe
* file.scr
-
February 3rd, 2004, 06:01 PM
#3
Member
well....i made theart called latest virus threats...i think u should check it out and here is this link it might help u find it.....
http://securityresponse.symantec.com...r/vinfodb.html
peace
-
February 3rd, 2004, 06:12 PM
#4
That's right, I overlooked "Server Report' being listed in there. Mystery solved!
-
February 3rd, 2004, 09:00 PM
#5
I got an odd e-mail this morning. It's obviously a mail attachment virus/worm of some sort, but the e-mail doesn't seem to fit the typical MyDoom mailings.
LOL...i just have to say it but i get like 500 mails a week lol...its a SBC Yahoo dsl mail and how come they dont block advertisement mails...anyways....never heard of that one....did your AV tell you its name?
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|