SANS ISC InfoSec Handlers Diary Blog

New Malware for MS06-047

Published: 2006-08-17
Last Updated: 2006-08-17 15:04:40 UTC
by Chris Carboni (Version: 1)
Juha-Matti dropped us a note regarding some new malware and the links for the Symantec and Trend Micro descriptions.

Shortly after, we heard from Sergio de los Santos from Virustotal who gave us some additional information:

We have detected a new malware for the MS06-047 vulnerability.

It comes with the name syosetu.doc, with 107.520 bytes. The MD5 hash is
7443358555983341CB9BB12BB0A0A191

Today, only a few AV can detect it (via virustotal):

W97M/ProjMod!exploit (eTrust-Vet), W32/Bgent.ZE!tr (Fortinet),
Exploit-OleModule (McAfee), Exploit:Win32/Ponaml.gen (Microsoft),
Trojan.Mdropper (Symantec), TROJ_MDROPPER.BK (TrendMicro).

Thanks Juha-Matti and Sergio!