[Emerging-Sigs] Unknown Trojan, Possible ZeuS?

Blake Hartstein urule99 at gmail.com
Wed Oct 20 14:34:50 EDT 2010

The message.php?.... URI looks like its part of an exploit kit, and not
part of the malware (or dropper) itself. Are you sure this didn't come
from visiting a malicious URL and the exploit kit sent you there?

That seems like the most likely scenario to me, usually requests like
these return MZ executable files.

On 10/20/2010 2:06 PM, Eoin Miller wrote:
> Don't know the name/type of dropper for this though, and the reports 
> seem to have various names for it.

More information about the Emerging-sigs mailing list