Threat Level: green Handler on Duty: Brad Duncan

SANS ISC: New Malware for MS06-047 - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
New Malware for MS06-047
Juha-Matti dropped us a note regarding some new malware and the links for the Symantec and Trend Micro descriptions.

Shortly after, we heard from Sergio de los Santos from Virustotal who gave us some additional information:

We have detected a new malware for MS06-047 vulnerability.

It comes with a name syosetu.doc with 107.520 bytes. Hash MD5 is
7443358555983341CB9BB12BB0A0A191

Today, only a few AV can detect it (via virustotal):

W97M/ProjMod!exploit (eTrust-Vet), W32/Bgent.ZE!tr (Fortinet ),
Exploit-OleModule (McAfee), Exploit:Win32/Ponaml.gen (Microsoft),
Trojan.Mdropper (Symantec), TROJ_MDROPPER.BK (TrendMicro).

Thanks Juha-Matti and Sergio!
Chris

140 Posts

Sign Up for Free or Log In to start participating in the conversation!