Re: need analysis on downloaded javascript - security threat - threat.zip
- From: David McDivitt <david-del@xxxxxxxxxxxxxxxxxxxx>
- Date: Sat, 30 Jun 2007 15:16:47 -0500
Thanks for that. I never get any viruses on my machine, and pay close
attention. I was surprised when the exe file was written, and was curious
whether this is a new technique. Not knowing to what extent my machine is
infected, I've been running free virus scanners from different sites to see
if anything's found, in addition to the one I subscribe to. Nothing has been
found yet, which really irks me. I was prompted to allow internet access for
the exe, otherwise it surely would have hooked up and downloaded more code.
I don't think anything is left on my machine, but if a new threat, it
wouldn't be detected.

From: Spamless <Spamless@xxxxxxx>
Date: 30 Jun 2007 19:57:39 GMT
Lines: 102

On 2007-06-30, David McDivitt <david-del@xxxxxxxxxxxxxxxxxxxx> wrote:
I received an email telling me to read a greeting card sent by a family
member. Upon going to the website, my firewall prompted me, saying the

The Javascript tries a few things. It tries the MD2C() exploits,
for various items which may have exploitable classID which will
allow xmlHTTP to get a file, use ADODB.Stream to save to a file
and WScript to run it. The file it tries to get is

--
dgm
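
Added example (not part of the original thread, and not the script from threat.zip): a static triage check, in JavaScript, for the chain the quoted analysis describes, where xmlHTTP gets a file, ADODB.Stream saves it and WScript runs it. The ProgID patterns, function names and sample strings are assumptions constructed for illustration, and only literal concatenation is folded.

```javascript
// Static triage for the fetch -> save -> run ActiveX chain.
// ProgID patterns are assumptions chosen for this example, not a complete list.
const STAGES = {
  fetch: /(?:msxml2|microsoft)\.(?:server)?xmlhttp/i, // xmlHTTP gets the file
  write: /adodb\.stream/i,                            // ADODB.Stream saves it
  execute: /wscript\.shell|shell\.application/i,      // WScript runs it
};

// Heuristic: join adjacent string literals ("ADO" + "DB.Stream") so that
// ProgIDs split across concatenations still match. Other encodings
// (escapes, fromCharCode) are out of scope here.
function foldLiterals(src) {
  const joinRe =
    /(["'])((?:\\.|(?!\1)[^\\])*)\1\s*\+\s*(["'])((?:\\.|(?!\3)[^\\])*)\3/;
  let prev;
  do {
    prev = src;
    // Replace the leftmost literal pair; each pass shortens the string.
    src = src.replace(joinRe, (_, q, a, _q2, b) => q + a + b + q);
  } while (src !== prev);
  return src;
}

// Report which stages appear; all three together is the dropper pattern.
function scanScript(src) {
  const folded = foldLiterals(src);
  const stages = Object.keys(STAGES).filter((s) => STAGES[s].test(folded));
  return { stages, dropperChain: stages.length === Object.keys(STAGES).length };
}

// Constructed samples: inert fragments, not taken from the thread's attachment.
const SAMPLE_SUSPICIOUS = [
  'var a = obj.CreateObject("msxml2." + "XMLHTTP", "");',
  "var b = obj.CreateObject('ADO' + 'DB.Str' + 'eam', '');",
  'var c = obj.CreateObject("WScr" + "ipt.Shell", "");',
].join("\n");
const SAMPLE_BENIGN = 'var x = new XMLHttpRequest(); x.open("GET", "/news.json");';

console.log(scanScript(SAMPLE_SUSPICIOUS)); // all three stages present
console.log(scanScript(SAMPLE_BENIGN));     // no stages
```

A single stage on its own (for example only ADODB.Stream) is reported in `stages` but does not set `dropperChain`, which keeps ordinary XMLHttpRequest use from being flagged.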