Threat Level: green Handler on Duty: Brad Duncan

SANS ISC: Internet Security | DShield SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
New Malware for MS06-047
Juha-Matti dropped us a note regarding some new malware and the links for the Symantec and Trend Micro descriptions.

Shortly after, we heard from Sergio de los Santos from Virustotal who gave us some additional information:

We have detected a new malware for MS06-047 vulnerability.

It comes with a name syosetu.doc with 107.520 bytes. Hash MD5 is

Today, only a few AV can detect it (via virustotal):

W97M/ProjMod!exploit (eTrust-Vet), W32/Bgent.ZE!tr (Fortinet ),
Exploit-OleModule (McAfee), Exploit:Win32/Ponaml.gen (Microsoft),
Trojan.Mdropper (Symantec), TROJ_MDROPPER.BK (TrendMicro).

Thanks Juha-Matti and Sergio!

140 Posts
Aug 17th 2006

Sign Up for Free or Log In to start participating in the conversation!