Threat alert: Fake Flash greeting card

Cisco Security Intelligence Operations has detected serious activity related to spam e-mail messages that claim to contain a greeting card.

The text in the spam message instructs the recipient to view the attached card. The .zip attachment contains a .scr file that, when executed, attempts to infect the system with malicious software.

E-mail messages that are related to this threat may contain the following files:

card.zip
C:flash.scr

The .scr file in the .zip attachment has a file size of 2,048 bytes. The MD5 checksum, which is a unique identifier of the executable, is the following string: 0x10D565A787A07D0F9724931EBA12EC3F

The following text is a sample of the e-mail message that is associated with this threat outbreak:

Subject

I Love You

Message Body

Hi.
Somebody send you a flash card 😉
Bye




Share this