From: tclahr@br.ibm.com
Date: Fri Feb 08 2008 - 12:40:08 EST
upload your file over there and see the results... it runs a lot of stuff,
including filemon, AVs, regmon... etc
Obrigado / Regards
/*
* Thiago Canozzo Lahr; CEH; LPIC-1;
* Vulnerability Assessment Specialist;
* IBM ITDelivery Brazil - Security & Risk Management;
* Phone: +55 19 2132-7091;
*/
From: "Jamie Riden" <jamie.riden@gmail.com>
To: "poddima@yahoo.com" <poddima@yahoo.com>
Cc: pen-test@securityfocus.com
Date: 06/02/2008 18:21
Subject: Re: Suspecious JPEG Files
On 1 Feb 2008 17:09:24 -0000, poddima@yahoo.com <poddima@yahoo.com> wrote:
> Hello,
>
>
> I received via e-mail two JPEG files, one of them was not opened
> properly (Default error message was displayed on the Windows Picture
> Viewer).
>
> The sender is known to me, and I suspect he was trying to attack my
> computer (I received also an infected executable file from him just a
> short time before, and I didn't open it).
>
>
> If anyone is interested in trying to analyse the files, I'd be mostly
> grateful. Please contact me and I will send you the files.
Try submitting to www.virustotal.com - they will run 32 different AV
engines against them.
You can send them to me if you like - only gmail will screen them out
if it detects a virus. Still, that would be an answer to your question
:)
(Have you verified that they are in fact JPEGs and not some other image
format?)
cheers,
Jamie
--
Jamie Riden / jamesr@europe.com / jamie@honeynet.org.uk
UK Honeynet Project: http://www.ukhoneynet.org/
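
The check Jamie raises above (are the attachments really JPEGs?) can be done without opening them in a viewer. The following is an added example, not part of the original thread: it identifies the file type by magic number and walks the JPEG marker segments to see whether the structure is intact. The function names and the sample byte strings are constructed for illustration.

```python
import struct

# Magic numbers of formats often found behind a .jpg extension.
SIGNATURES = [
    (b"\xff\xd8\xff", "jpeg"),
    (b"\x89PNG\r\n\x1a\n", "png"),
    (b"GIF87a", "gif"),
    (b"GIF89a", "gif"),
    (b"BM", "bmp"),
    (b"MZ", "windows-executable"),
]
# Markers that carry no length field and should not appear before image data.
NO_LENGTH = {0x00, 0x01, 0xD8, 0xD9} | set(range(0xD0, 0xD8))

def sniff(data):
    """Return the format name suggested by the leading bytes."""
    for magic, name in SIGNATURES:
        if data.startswith(magic):
            return name
    return "unknown"

def check_jpeg(data):
    """Walk marker segments up to Start of Scan; return (ok, reason)."""
    kind = sniff(data)
    if kind != "jpeg":
        return False, "not a JPEG, looks like " + kind
    pos = 2  # skip SOI (FF D8)
    while pos + 4 <= len(data):
        if data[pos] != 0xFF:
            return False, "expected marker at offset %d" % pos
        marker = data[pos + 1]
        if marker == 0xFF:  # fill byte before a marker is legal
            pos += 1
            continue
        if marker in NO_LENGTH:
            return False, "unexpected marker 0x%02X before image data" % marker
        (length,) = struct.unpack(">H", data[pos + 2:pos + 4])
        end = pos + 2 + length
        if length < 2 or end > len(data):
            return False, "segment 0x%02X has bad length %d" % (marker, length)
        if marker == 0xDA:  # SOS: compressed data follows, then EOI
            if data.find(b"\xff\xd9", end) == -1:
                return False, "no EOI marker after image data"
            return True, "ok"
        pos = end
    return False, "truncated before Start of Scan"

# Constructed samples: a structurally valid skeleton and a renamed executable.
GOOD = (b"\xff\xd8\xff\xe0" + struct.pack(">H", 16) + b"JFIF\x00" + bytes(9)
        + b"\xff\xda" + struct.pack(">H", 8) + bytes(6) + b"\x12\x34\xff\xd9")
RENAMED_EXE = b"MZ\x90\x00" + bytes(60)
```

A file that fails these checks is malformed or mislabelled; that alone does not say why, so it is a reason to pass the file to the AV and sandbox services mentioned in the thread rather than a verdict.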
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:58:23 EDT