[Emerging-Sigs] Unknown Trojan, Possible ZeuS?

Blake Hartstein urule99 at gmail.com
Wed Oct 20 14:34:50 EDT 2010


Eoin,
The message.php?.... URI looks like its part of an exploit kit, and not
part of the malware (or dropper) itself. Are you sure this didn't come
from visiting a malicious URL and the exploit kit sent you there?

That seems like the most likely scenario to me, usually requests like
these return MZ executable files.
Blake

On 10/20/2010 2:06 PM, Eoin Miller wrote:
> Don't know the name/type of dropper for this though, and the reports 
> seem to have various names for it.



More information about the Emerging-sigs mailing list