Sophos

Download Windows 7 security - A great leap forward or business as usual?

« Sophos Alert detected as a virus? No cause for concern. Scarcity of Imagination Leads to Anachronistic Campaign Syndrome »

The Height of Arrogance

Journal entry - 10/11/2007

14:58 GMT

W32/Mabezat-A 

Odd virus (genuine parasitic, not generic malware). Quick to infect and spread via network shares and USBs.

15:16 GMT

Some standard social engineering tricks employed, eg folder icon, long, tempting filenames,

foldericon.jpg

hidden files,

hiddedfiles.JPG

hmmm, EXE-like (what is that “x”?) extension for host,

strangeextension2.JPG

etc.

15:26 GMT

But bizarre! Virus creates comprehensive log of infection activities (c:\1.txt).

1txt.JPG

15:30 GMT

Curious. Hiding or not hiding?

15:31 GMT

Perhaps the virus writer is saying “Find me and I shall reveal all”. How very arrogant!

Posted on November 10th, 2007 by SKM, SophosLabs UK
Filed under: General, Malware

Email this story to a friend   Digg   Reddit   Technorati   Slashdot   Facebook   Twitter   NewsVine   MySpace   Google   Live   Mixx   del.icio.us   StumbleUpon  

Download Windows 7 security - A great leap forward or business as usual?

Related posts