TIP: Click on subject to list as thread! ANSI
echo: alt-comp-anti-virus
to: ALL
from: VIRUS GUY
date: 2014-10-14 09:03:00
subject: Two more viral samples fr
The XimianEvolution spammer is back.  

      X-Mailer: XimianEvolution1.4.6

Forcing malware attachments into users mailboxes since July 2013.

Here's the VT scans:

https://www.virustotal.com/en/file/7c9623fb81b931c96625a87fcaee7c9f1285c08b270a
998a3f44bdb042a5a299/analysis/1413325902/

https://www.virustotal.com/en/file/53d1265f1d0a4d878f785edbba9272c96b134b36b306
8a57e6a48dbd6955098e/analysis/1413327084/

VT had not seen these before.  Detection scores - 24/54 and 26/54

The spam attachments are about 70-odd kb in size, too big to post to
usenet via AIOE (sorry Dustbin).

So if you want them, get them here:

http://filepost.com/files/e452d11c/Note_3199_copy.rar/

Identified variously as:

 - Aspxor (that's new to me)
 - BGAC
 - Zbot (when in doubt...)
 - Zortob
 - Weelsof
 - KULUOZ

Neither one was detected by malwarebytes.
--- NewsGate v1.0 gamma 2
* Origin: News Gate @ Net396 -Huntsville, AL - USA (1:396/4)
SOURCE: echomail via QWK@docsplace.org

Email questions or comments to sysop@ipingthereforeiam.com
All parts of this website painstakingly hand-crafted in the U.S.A.!
IPTIA BBS/MUD/Terminal/Game Server List, © 2025 IPTIA Consulting™.