[Dshield] Possible Virus......??

Johannes B. Ullrich jullrich at sans.org
Mon Mar 18 15:02:13 GMT 2002

Hash: SHA1

send me the file off list. However, it is possible that the email used a 
chinese character set. Windows automatically downloads the necessary fonts
and such if it encounters such an email.

> One of my colleagues received an email from test at test.com.tw when the email
> was opened it launhed a web-site and commenced downloading a file - It
> didn't display the name of the file, and the download was cancelled before
> it was able to continue. I checked the source of the email (It was in HTML)
> and it pointed to a site called callin.net. The remainder of the email was
> all in stragnge random characters, and there was a type of form at the base
> of the email.
> I ran a virus scan on the computer (McCafee) and it didn't find anything
> unusual. Does anyone have any thoughts? It may be completely harmless, but I
> am not a fan of executable emails. Was thinking of sending the URL to
> McCaffee suport, for them to investigate.
> Thanks,
> James
> _______________________________________________
> Dshield mailing list
> Dshield at dshield.org
> To change your subscription options (or unsubscribe), see: http://www.dshield.org/mailman/listinfo/list

- -- 
- -------
jullrich at sans.org                    Join http://www.DShield.org
                          Distributed Intrusion Detection System

Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org


More information about the list mailing list