TIP: Click on subject to list as thread! ANSI
echo: alt-comp-anti-virus
to: ALL
from: VIRUS GUY
date: 2014-10-10 09:50:00
subject: Two Viral Samples (Oct 10
Here's a couple more "notice to appear" files:

https://www.virustotal.com/en/file/ac757dbceb00337faff1d44e7385ab223c1fc28035fe
58be3997ede9fd25bda3/analysis/1412979983/

https://www.virustotal.com/en/file/31267d898c2dd85110e678f0f91be5996c21ba1845ec
a73881c8fc8a9ed169fe/analysis/1412983728/

Download your copies here:

http://filepost.com/files/eb1med74/Note_9584_copy.rar/

The detection ratio for them are 27/55 and 37/55.

One of them came in Wed. Oct 8 / 7 pm, the other at 1 am today.

VT hadn't seen these before I uploaded them.

Identified variously as:

Kuluoz
BCUZ
Asprox
Zortob
Kuluo
Aspxor
Picsys
Zbot

(when in doubt, call it Zbot I guess...)

Sending IP's:

70.97.1.181
70.114.178.120

Return-Paths: (which I know are just creative garbage)
  operatorNNN@lawyersinthecloud.com
  referenceNNN@lawyerscfo.com

Trend with this campaign is that Subject is always "Notice to appear"
and return-path always contains "lawyers" in the domain.
--- NewsGate v1.0 gamma 2
* Origin: News Gate @ Net396 -Huntsville, AL - USA (1:396/4)
SOURCE: echomail via QWK@docsplace.org

Email questions or comments to sysop@ipingthereforeiam.com
All parts of this website painstakingly hand-crafted in the U.S.A.!
IPTIA BBS/MUD/Terminal/Game Server List, © 2025 IPTIA Consulting™.