ScratchyClaws
16.02.2007, 21:54
пришло сообщение
ОТ:brian <[email protected]>
КОМУ:[email protected]
ТЕМА:postcard
X-AntiVirus: Checked by Dr.Web [version: 4.33, engine: 4.33.44.01120, virus records: 172561, updated:
11.02.2007]
Return-Path: <[email protected]>
Delivered-To:[email protected]
Received: (qmail 10595 invoked from network); 15 Feb 2007 03:04:52 -0000
Received: from unknown (HELO arkady) (72.225.162.103)
by mars2.netlogic.ru with SMTP; 15 Feb 2007 03:04:52 -0000
Received: (qmail 2611 invoked by uid 0); Wed, 14 Feb 2007 22:02:53 -0000)
Received: from unknown (HELO rzyhyrip) (72.225.162.137)
by 72.225.162.103 with SMTP; Wed, 14 Feb 2007 22:02:53 -0000
Date: Wed, 14 Feb 2007 22:00:53 -0500
From: brian <[email protected]>
Mime-Version: 1.0
To: [email protected]
Subject: postcard
Content-Type: multipart/mixed;
boundary="-----------ECE3270B1E308D6F"
Hi, you.ve just received a postcard.
For:
ХХХ@menja.net
From:
---
Text:
Happy New Year!
Postcard:
Click on attachment to view a postcard.
----
Pre-holidays Postcards.
http://postcards.wired2000.net/
Внутри postcard.zip 10378 байт
а в нём -
AntiVir 7.3.1.37 02.16.2007 TR/Dldr.Stration.Gen
Authentium 4.93.8 02.15.2007 W32/Warezov.HV
Avast 4.7.936.0 02.16.2007 Win32:Warezov-ASQ
AVG 386 02.16.2007 Downloader.Generic3.QAC
BitDefender 7.2 02.16.2007 Trojan.Downloader.Stration.F
CAT-QuickHeal 9.00 02.16.2007 I-Worm.Warezov.lc
ClamAV devel-20060426 02.16.2007 Trojan.Small-1058
DrWeb 4.33 02.16.2007 Win32.HLLM.Limar
eSafe 7.0.14.0 02.16.2007 Win32.Warezov.lc
eTrust-Vet 30.4.3405 02.16.2007 Win32/Stration!ZIP!generic
Ewido 4.0 02.16.2007 Worm.Warezov.lc
Fortinet 2.85.0.0 02.16.2007 W32/Tibs.gen
F-Prot 4.2.1.29 02.16.2007 W32/Warezov.HV
F-Secure 6.70.13030.0 02.16.2007 Email-Worm.Win32.Warezov.lc
Ikarus T3.1.0.31 02.16.2007 Email-Worm.Win32.Warezov.lc
Kaspersky 4.0.2.24 02.16.2007 Email-Worm.Win32.Warezov.lc
McAfee 4965 02.16.2007 New Malware.j
Microsoft 1.2204 02.16.2007 no virus found
NOD32v2 2066 02.16.2007 Win32/Stration.XL
Norman 5.80.02 02.16.2007 W32/DLoader.CAOM
Panda 9.0.0.4 02.16.2007 Trj/Spamtaload.DM
Prevx1 V2 02.16.2007 Malware:SysCovert
Sophos 4.14.0 02.16.2007 Troj/StraDl-D
Sunbelt 2.2.907.0 02.15.2007 no virus found
Symantec 10 02.16.2007 W32.Stration.CX@mm
TheHacker 6.1.6.059 02.16.2007 W32/Warezov.lc
UNA 1.83 02.16.2007 no virus found
VBA32 3.11.2 02.16.2007 Worm.Win32.Stration.XL
VirusBuster 4.3.19:9 02.16.2007 Trojan.Opnis.Gen.41
Aditional Information
File size: 10381 bytes
MD5: 87e5c56717492834f7b1241dc0d30f64
SHA1: e55df38cfe9829a3b46e9211faeec2304bfa20ef
packers: UPX
packers: UPX
Prevx info: http://fileinfo.prevx.com/fileinfo.asp?PXC=42ec77417194
и такое же пришло с brian <[email protected]>
Для желающих могу выдать сам файл
ОТ:brian <[email protected]>
КОМУ:[email protected]
ТЕМА:postcard
X-AntiVirus: Checked by Dr.Web [version: 4.33, engine: 4.33.44.01120, virus records: 172561, updated:
11.02.2007]
Return-Path: <[email protected]>
Delivered-To:[email protected]
Received: (qmail 10595 invoked from network); 15 Feb 2007 03:04:52 -0000
Received: from unknown (HELO arkady) (72.225.162.103)
by mars2.netlogic.ru with SMTP; 15 Feb 2007 03:04:52 -0000
Received: (qmail 2611 invoked by uid 0); Wed, 14 Feb 2007 22:02:53 -0000)
Received: from unknown (HELO rzyhyrip) (72.225.162.137)
by 72.225.162.103 with SMTP; Wed, 14 Feb 2007 22:02:53 -0000
Date: Wed, 14 Feb 2007 22:00:53 -0500
From: brian <[email protected]>
Mime-Version: 1.0
To: [email protected]
Subject: postcard
Content-Type: multipart/mixed;
boundary="-----------ECE3270B1E308D6F"
Hi, you.ve just received a postcard.
For:
ХХХ@menja.net
From:
---
Text:
Happy New Year!
Postcard:
Click on attachment to view a postcard.
----
Pre-holidays Postcards.
http://postcards.wired2000.net/
Внутри postcard.zip 10378 байт
а в нём -
AntiVir 7.3.1.37 02.16.2007 TR/Dldr.Stration.Gen
Authentium 4.93.8 02.15.2007 W32/Warezov.HV
Avast 4.7.936.0 02.16.2007 Win32:Warezov-ASQ
AVG 386 02.16.2007 Downloader.Generic3.QAC
BitDefender 7.2 02.16.2007 Trojan.Downloader.Stration.F
CAT-QuickHeal 9.00 02.16.2007 I-Worm.Warezov.lc
ClamAV devel-20060426 02.16.2007 Trojan.Small-1058
DrWeb 4.33 02.16.2007 Win32.HLLM.Limar
eSafe 7.0.14.0 02.16.2007 Win32.Warezov.lc
eTrust-Vet 30.4.3405 02.16.2007 Win32/Stration!ZIP!generic
Ewido 4.0 02.16.2007 Worm.Warezov.lc
Fortinet 2.85.0.0 02.16.2007 W32/Tibs.gen
F-Prot 4.2.1.29 02.16.2007 W32/Warezov.HV
F-Secure 6.70.13030.0 02.16.2007 Email-Worm.Win32.Warezov.lc
Ikarus T3.1.0.31 02.16.2007 Email-Worm.Win32.Warezov.lc
Kaspersky 4.0.2.24 02.16.2007 Email-Worm.Win32.Warezov.lc
McAfee 4965 02.16.2007 New Malware.j
Microsoft 1.2204 02.16.2007 no virus found
NOD32v2 2066 02.16.2007 Win32/Stration.XL
Norman 5.80.02 02.16.2007 W32/DLoader.CAOM
Panda 9.0.0.4 02.16.2007 Trj/Spamtaload.DM
Prevx1 V2 02.16.2007 Malware:SysCovert
Sophos 4.14.0 02.16.2007 Troj/StraDl-D
Sunbelt 2.2.907.0 02.15.2007 no virus found
Symantec 10 02.16.2007 W32.Stration.CX@mm
TheHacker 6.1.6.059 02.16.2007 W32/Warezov.lc
UNA 1.83 02.16.2007 no virus found
VBA32 3.11.2 02.16.2007 Worm.Win32.Stration.XL
VirusBuster 4.3.19:9 02.16.2007 Trojan.Opnis.Gen.41
Aditional Information
File size: 10381 bytes
MD5: 87e5c56717492834f7b1241dc0d30f64
SHA1: e55df38cfe9829a3b46e9211faeec2304bfa20ef
packers: UPX
packers: UPX
Prevx info: http://fileinfo.prevx.com/fileinfo.asp?PXC=42ec77417194
и такое же пришло с brian <[email protected]>
Для желающих могу выдать сам файл