|
There are reports on a new variant of Sober going around the net. Different antivirus vendors name it differently. But thanks to CME effort, it is identified as CME-151.
This variant uses different email messages randomly in either German or English. We have received several reports from our readers. One reader submitted to us with the email message as below: Danke für Ihre Mail .... Sie haben aber Ihre Mail wahrscheinlich falsch adressiert,,, nämlich an mich. Ich kenne sie aber nicht! Oder Ihr Provider hat die Mail falsch weiter geleitet!? Um mich zu entlasten, schicke ich Ihnen das (...) Foto wieder zurück. This virus arrives with one of the following attachment names: * KlassenFoto.zip * pword_change.zip Inside the ZIP archive is a file named PW_Klass.Pic.packed-bitmap.exe. You can check out more details from various antivirus vendors website: http://securityresponse.symantec.com/avcenter/venc/data/w32.sober.q@mm.html http://vil.nai.com/vil/content/v_136390.htm http://uk.trendmicro-europe.com/consumer/vinfo/encyclopedia.php?VName=WORM_SOBER.AC |
Koon Yaw 68 Posts Oct 6th 2005 |
| Thread locked Subscribe |
Oct 6th 2005 1 decade ago |
Sign Up for Free or Log In to start participating in the conversation!
