New virus?

Steve Freegard steve.freegard at LBSLTD.CO.UK
Mon Nov 3 11:05:37 GMT 2003


It's Mimail-F and I've caught a few of these this morning (all have come
from a HK Cable TV subnet):

Showing records 1 to 4 of 4
Date/Time         ID             From     To      Subject
Size   Score Status
03/11/03 10:52:48 hA3Aq9LV014955 john at xxx xxx at xxx don't be late! ygxesmwl
15.9Kb 12.05 Spam, Virus (W32/Mimail-F)
03/11/03 10:50:45 hA3AoMLV014806 john at xxx xxx at xxx don't be late! morzwkwa
15.9Kb 12.05 Spam, Virus (W32/Mimail-F)
03/11/03 04:11:07 hA34B2bx031518 john at xxx xxx at xxx don't be late! polawaqa
15.9Kb 12.05 Spam, Virus (W32/Mimail-F)
03/11/03 04:10:05 hA349nbx031433 john at xxx xxx at xxx don't be late! xiianuqz
15.9Kb 12.05 Spam, Virus (W32/Mimail-F)

According to Sophos - I got the mimail-f IDE at 0214 this morning and have
just got an IDE for mimail-h at 1023.

Kind regards,

Steve Freegard
Systems Manager
Littlehampton Book Services Ltd.

-----Original Message-----
From: Remco Barendse [mailto:mailscanner at BARENDSE.TO]
Sent: 03 November 2003 10:00
Subject: Re: New virus?

I think it's a variant of Mimail.e because they are all sent from john at .....

I now just totally blocked .zip files :)

On Mon, 3 Nov 2003, Spicer, Kevin wrote:

> Remco Barendse wrote:
> > We just received several messages that all contain a zip file. The
> > df message is pasted below.
> I think its probably MiMail-C  My Sophos is picking it up but clam is
> not.
> BMRB International
> +44 (0)20 8566 5000
> _________________________________________________________________
> This message (and any attachment) is intended only for the recipient
> and may contain confidential and/or privileged material.  If you have
> received this in error, please contact the sender and delete this
> message immediately.  Disclosure, copying or other action taken in
> respect of this email or in reliance on it is prohibited.  BMRB
> International Limited accepts no liability in relation to any personal
> emails, or content of any email which does not directly relate to our
> business.

This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the sender and delete the message from your mailbox.

This footnote also confirms that this email message has been swept by
MailScanner ( for the presence of computer viruses.

More information about the MailScanner mailing list