Virus Threat: Round Two

Mark Henri · Aug 19, 2003

I'm getting multiple emails with an PIF attachment like this--

thank_you.pif
details.pif
your_details.pif
etc

When I opened them in a binary editor they have windows api calls in them.
Has anyone else seen them? Is this round two of the MSBlast.exe? Or
simply an unrelated/opportunistic attack?

Mark Henri

Mark Henri · Aug 19, 2003

Nevermind, it's just WORM_SOBIG.E

http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_SOBIG.
E

Ben W · Aug 19, 2003

It was just doscovered today....

http://vil.nai.com/vil/content/v_100561.htm

Marc Liron · Aug 19, 2003

This is a NEW mass mailing worm, details in this
informative article:

http://www.updatexp.com/sobig-worm-f.html

UPDATE your antivirus now - and do not open the
attachments....

Marc Liron
www.updatexp.com

Sending packets like crazy	2	Sep 9, 2003
Defeating Microsoft Windows XP SP2 Heap protection	1	Feb 2, 2005
CryptoLocker virus	3	Oct 24, 2013
Norton (NAV 2002) does not detect hotfix.exe as a threat even afterupdate	1	Dec 5, 2010
Viruses now in jpg files? Gif files?	94	Jan 3, 2006
Trojan Horse Peacomm ... morphing into a bugger	4	Jan 26, 2007
Stealth virus??	2	May 31, 2010
Storm Worm Botnet Lobotomizing Anti-Virus Programs	0	Oct 30, 2007

Virus Threat: Round Two

Mark Henri

Mark Henri

Ben W

Marc Liron

Ask a Question

Similar Threads