MLUG: [MLUG - DISCUSSION] clever virus trick

I received an email with subject "My Best Photo" and an attached file named Photo.zip. The email text read as follows:

Hi,
I want to share my photo with you.
Wishing you all the best.

The interesting part is what was in the Photo.zip file:

Archive:  Photo.zip
  inflating: Photo/Photo.bmp
 extracting: Photo/View-Photo.bat

The file View-Photo.bat consisted of one line:

Photo.bmp

The file Photo.bmp was some sort of executable binary file. When I look at strings Photo.bmp I see "MS-Outlook" in there, so I think this virus uses MS Outlook.

Anyway, I guess this means that Windows will execute a file without .exe, .com or .bat extension if it is called from within a batch file. People who receive this thing will try to open the Photo.bmp, but that will fail because it isn't a proper BMP file, so they will then click the View-Photo.bat file and they'll be screwed.

Mike

_______________________________________________
discussion mailing list
EMAIL:PROTECTED
http://mlug.missouri.edu/mailman/listinfo/discussion
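
A mail-gateway style check for the archive layout described in the message above, added here as an example and not part of the original post: it flags ZIP members whose leading bytes do not match their image extension, and script files shipped beside them. The "MZ" header for the disguised payload, the function names and the sample archive (including the extra real.bmp member) are assumptions constructed for illustration.

```python
import io
import posixpath
import zipfile

# Leading bytes expected for each image extension this check knows about.
IMAGE_MAGIC = {".bmp": b"BM", ".png": b"\x89PNG", ".jpg": b"\xff\xd8\xff", ".gif": b"GIF8"}
EXECUTABLE_MAGIC = b"MZ"  # DOS/PE header; assumed format of the disguised payload
SCRIPT_EXTS = {".bat", ".cmd", ".vbs", ".js", ".ps1"}


def scan_zip(data: bytes) -> list[tuple[str, str]]:
    """Return (member name, finding) pairs for a ZIP archive given as bytes."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            name = info.filename
            ext = posixpath.splitext(name)[1].lower()
            with zf.open(info) as fh:
                head = fh.read(8)  # only the header is needed
            if ext in SCRIPT_EXTS:
                findings.append((name, "script"))
            if ext in IMAGE_MAGIC and not head.startswith(IMAGE_MAGIC[ext]):
                if head.startswith(EXECUTABLE_MAGIC):
                    findings.append((name, "executable-as-" + ext[1:]))
                else:
                    findings.append((name, "bad-magic"))
    return findings


def build_sample() -> bytes:
    """Constructed sample mirroring the Photo.zip layout; contents are inert."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("Photo/Photo.bmp", b"MZ" + b"\x00" * 62)   # fake PE stub
        zf.writestr("Photo/View-Photo.bat", "Photo.bmp\r\n")   # one-line launcher
        zf.writestr("Photo/real.bmp", b"BM" + b"\x00" * 52)    # genuine BMP header
    return buf.getvalue()


if __name__ == "__main__":
    for name, finding in scan_zip(build_sample()):
        print(f"{finding:20} {name}")
```

An archive that returns both a "script" finding and an "executable-as-..." finding in the same directory matches the pattern in the message and is a reasonable candidate for quarantine.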