[Dshield] Possible Virus......??
Johannes B. Ullrich
jullrich at sans.org
Mon Mar 18 15:02:13 GMT 2002
-----BEGIN PGP SIGNED MESSAGE-----
send me the file off list. However, it is possible that the email used a
chinese character set. Windows automatically downloads the necessary fonts
and such if it encounters such an email.
> One of my colleagues received an email from test at test.com.tw when the email
> was opened it launhed a web-site and commenced downloading a file - It
> didn't display the name of the file, and the download was cancelled before
> it was able to continue. I checked the source of the email (It was in HTML)
> and it pointed to a site called callin.net. The remainder of the email was
> all in stragnge random characters, and there was a type of form at the base
> of the email.
> I ran a virus scan on the computer (McCafee) and it didn't find anything
> unusual. Does anyone have any thoughts? It may be completely harmless, but I
> am not a fan of executable emails. Was thinking of sending the URL to
> McCaffee suport, for them to investigate.
> Dshield mailing list
> Dshield at dshield.org
> To change your subscription options (or unsubscribe), see: http://www.dshield.org/mailman/listinfo/list
jullrich at sans.org Join http://www.DShield.org
Distributed Intrusion Detection System
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
-----END PGP SIGNATURE-----
More information about the list