Accepted Password!

Discussion in 'ESET Smart Security' started by stimulator32, Jun 11, 2009.

Thread Status:
Not open for further replies.
  1. stimulator32

    stimulator32 Registered Member

    Joined:
    Jan 12, 2009
    Posts:
    104
    Hello,

    what does this report mean?!

    untitled.JPG

    Many Thanks ..
     
  2. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    Mytob charasterics include fairly almost the description you've pointed out.

    You can read a extensive explanation over here.
     
  3. stimulator32

    stimulator32 Registered Member

    Joined:
    Jan 12, 2009
    Posts:
    104
    Hello Paul,

    I don't ask about Mytob, I ask about ESET's report that include the phrase 'Accepted Password' ..
     
  4. BFG

    BFG Registered Member

    Joined:
    Oct 27, 2004
    Posts:
    482
    Location:
    San Diego
    Hello,

    accepted-password.zip would have been the name of the attachment in the infected email.

    Paul was referring to this section of that article if I'm not mistaken.

    "The attached file consists of a base name followed by the extension ZIP. The worm may optionally create double extensions where the first extension is DOC, TXT or HTM and the final extension is BAT, CMD, PIF, SCR, EXE or ZIP. The base filenames are randomly chosen from:

    updated-password
    email-password
    new-password
    password
    approved-password
    account-password
    accepted-password
    important-details
    account-details
    email-details
    account-info
    document
    readme
    account-report
    <random characters>

    The zip file will contain the worm with double extension. The first extension will be one of DOC, HTM, TXT followed by spaces and the second extension is EXE, SCR or PIF. "


    BFG
     
  5. stimulator32

    stimulator32 Registered Member

    Joined:
    Jan 12, 2009
    Posts:
    104
    THATS'S RIGHT ..

    MANY THANKS TO PAUL AND BFG ..
     
Thread Status:
Not open for further replies.