Re: [klmtfsat_private: Your Online Greeting Awaits You!]

From: Mark Collins (meat_private)
Date: Sun Aug 12 2001 - 13:39:47 PDT

    On Sunday 12 August 2001 10:05, diphenat_private wrote:
    > Has anyone run across this before? It showed up in one of my other email
    > accounts this evening. When you go to the site it displays a message
    > about 'Image Browser Not Supported'. What this links to is a file called
    > american.exe. It appears to be a win32 binary containing some sort of
    > file archive. Unfortunately I don't have good facilities (or expertise,
    > really) for figuring out what this thing does. If anyone with more
    > windows expertise wants to take a look, you can grab the file from the
    > site, or I can forward a copy. I'm guessing it's some sort of trojan.
    >
    > (The reason this makes me suspicious is that the rest of the site appears
    > to be entirely bogus. The first supplied url is www.greetingcardsusa.cc,
    > but all the links from the page go to americangreetingz.net, which
    > doesn't resolve. Also, the american.exe link is just an ip. It
    > reverse-resolves to paypalgreen.com, which also looks rather weird.)
    
    I have received one in the past, but the site did exist back then. This was a
    couple of months ago though.
    
    I had no idea who the message was from...
    
    Nurgle
    
    ----------------------------------------------------------------------------
    This list is provided by the SecurityFocus ARIS analyzer service.
    For more information on this free incident handling, management 
    and tracking system please see: http://aris.securityfocus.com
    



    This archive was generated by hypermail 2b30 : Sun Aug 12 2001 - 16:49:22 PDT