Network Security: Detailed info on [Full-Disclosure] Heads up: Possible lsass worm in the wild

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security FullDisclosure

[Top] [All Lists]

[Full-Disclosure] Heads up: Possible lsass worm in the wild

from [Feher Tamas] Network Security

[Permanent Link]

Subject:	[Full-Disclosure] Heads up: Possible lsass worm in the wild
Date:	Fri, 30 Apr 2004 11:18:19 +0200 (CEST)

Hello,

for those interested in a sample, it may be obtained at
http://exploit.nothackers.org/msiwin84-lsass.zip


Kaspersky AV say: Agobot.GEN (heuristic match)
Trend Micro AV says: WORM_AGOBOT.JF (exact match)

BTW, Trend Micro says the Agobot (alias Gaobot/Phatbot) malware 
family has over 900 variants. F-Secure says there are 450 members. 
Anyhow, there are many subtle variants and Agobot is the most 
populous family ever. VXers willing, it may even reach Agobot.JFK some 
time...

Sincerely: Tamas Feher.

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
[Full-Disclosure] Heads up: Possible lsass worm in the wild, morning_wood [Full-Disclosure] Re: [0day] Heads up: Possible lsass worm in the wild, Darren Bounds Re: [Full-Disclosure] Heads up: Possible lsass worm in the wild, insecure Re: [Full-Disclosure] Heads up: Possible lsass worm in the wild, morning_wood Re: [Full-Disclosure] Heads up: Possible lsass worm in the wild, Paul Tinsley [Full-Disclosure] Heads up: Possible lsass worm in the wild, Feher Tamas RE: [Full-Disclosure] Heads up: Possible lsass worm in the wild, Randal, Phil [Full-Disclosure] Heads up: Possible lsass worm in the wild, Feher Tamas <= [Full-Disclosure] Heads up: Possible lsass worm in the wild, Feher Tamas

Previous by Date:	Re: [Full-Disclosure] forgotten credit, Bugtraq Security Systems
Next by Date:	[Full-Disclosure] Heads up: Possible lsass worm in the wild, Feher Tamas
Previous by Thread:	RE: [Full-Disclosure] Heads up: Possible lsass worm in the wild, Randal, Phil
Next by Thread:	[Full-Disclosure] Heads up: Possible lsass worm in the wild, Feher Tamas
Indexes:	[Date] [Thread] [Top] [All Lists]