Threat Level: green Handler on Duty: Russ McRee

SANS ISC: InfoSec Handlers Diary Blog InfoSec Handlers Diary Blog

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

YaY popup

Published: 2007-01-12
Last Updated: 2007-01-12 04:36:44 UTC
by Swa Frantzen (Version: 2)
0 comment(s)
We're seeing an outbreak of some malware causing pop-ups. It's possibly caused by a file USB.EXE, we're not sure if this is the only name used.

This new beastie is rather obnoxious: it seems to overwrite system binaries such as system tray tools, anti-virus software, instant messaging software, ... It also seems to hijack Internet Explorer and might be calling home that way.
We're currently seeking more information regarding the intial infection vector so if you have anything to share on how the thing started (Email, IM, web, ...) and have some pointers there, we'd be much obliged.

MD5:  562eacac46c54b273b42e8b8d89f2782
SHA1: 31dc9ce30a2ddd9dc2c080835f29c0482937f4f6
0 comment(s)
Diary Archives