Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

"happy New Year" Warezov Variant


  • Please log in to reply
2 replies to this topic

#1 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,744 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:07:49 PM

Posted 26 December 2006 - 10:09 AM

A new Warezov spam run is underway, using a "Happy New Year" postcard as a disguise.
The attachment is called postcard.zip...

See more info here:
http://www.f-secure.com/weblog/archives/ar...6.html#00001059
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

BC AdBot (Login to Remove)

 


#2 harrywaldron

harrywaldron

    Security Reporter


  • Members
  • 509 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Roanoke, Virginia
  • Local time:07:49 PM

Posted 29 December 2006 - 12:39 PM

This new virus infected email message is currently circulating and should be avoided

Luder.A - Happy New Year message with postcard.exe attachment
http://www.f-secure.com/v-descs/luder_a.shtml
http://www.trendmicro.com/vinfo/virusencyc...RM%5FNUWAR%2EAY
http://www.sophos.com/security/analyses/w32drefu.html
http://www.incidents.org/diary.php?storyid=1987

EMAIL TO AVOID
Subject: Happy New Year!
Message body: {blank}
Attachment: postcard.exe

#3 quietman7

quietman7

    Bleepin' Janitor

  • Topic Starter

  • Global Moderator
  • 51,744 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:07:49 PM

Posted 31 December 2006 - 08:14 AM

...These variants may be changing the subject lines, but are definately changing the executable name...Known variations are as follows:

postcard.exe
Postcard.exe
greeting card.exe
Greeting Card.exe
greeting postcard.exe
Greeting Postcard.exe

Subject lines appear to be changing with a much larger bank of possibilities...

Annual Fun Forecast!
Baby New Year!
Best Wishes For A Happy New Year!
Fun 2007!
Fun Filled New Year!
Happiness And Continued Success!
Happiness And Success!
Happiness In Everything!
Happy 2007!
Happy New Year!
Happy Times And Happy Memories!
May Your Dreams Come True!
New Hopes And New Beginnings!
New Year... Happy Year!
Promises Of Happy Times!
Raising A Toast To Happy Times!
Scale Greater Heights!
Sparkling Happiness And Good Times!
Warm New Year Hug!
Warmest Wishes For New Year!
Welcome 2007!
Wish You Smiles And Good Cheer!
Wishing You Happiness!
Wishing You Happy New Year!...

http://isc.sans.org/diary.php?storyid=1988&rss
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users