[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] Info about HTA file [spam or malware ?]

To: Dev Anand <deva.security@xxxxxxxxx>
Subject: Re: [Full-disclosure] Info about HTA file [spam or malware ?]
From: Vishweshwar S Singh Deo <vssinghdeo@xxxxxxxxx>
Date: Mon, 18 Sep 2006 17:17:55 +0530

Hi.

Just wanted to check on the source of the mail. Can you paste the
header, just to make sure it got via the yahoo domain.

regards

Vishweshwar

Dev Anand wrote:
> Hi All,
> 
> Well two days back we received an email from  noreply@xxxxxxxxx with an
> username and password and a .hta attachment called mail.zip which contained
> a hta file .
> 
> 
> This attachment contains a zip file with name mail.zip and size of *2020
> bytes* and MD5sum of *3a348133a7c4ad8d8030a02c5fa886e3. *This zip file
> contains a file *message.hta [*html application*] and*  size of *3155
> bytes*MD5sum is
> *dc7172ab522da1e20f73c575d1f8d96c*
> 
> Anybody can shed some light on this .
> 
> Thanks in advance.
> 
> *Deva*
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
> 


-- 
regards

Vishweshwar S Singh Deo

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- [Full-disclosure] Info about HTA file [spam or malware ?]
  - From: Dev Anand

Prev by Date: [Full-disclosure] dnsmap: subdomain bruteforcer for stealth enumeration
Next by Date: [Full-disclosure] USB Attacks Going Commercial?
Previous by thread: [Full-disclosure] Info about HTA file [spam or malware ?]
Next by thread: [Full-disclosure] [FON (fon.com)] serious security problem: sniff anyone's login
Index(es):
- Date
- Thread