Cisco Security Intelligence Operations has detected serious activity related to spam e-mail messages that claim to contain a greeting card.
The text in the spam message instructs the recipient to view the attached card. The .zip attachment contains a .scr file that, when executed, attempts to infect the system with malicious software.
E-mail messages that are related to this threat may contain the following files:
The .scr file in the .zip attachment has a file size of 2,048 bytes. The MD5 checksum, which is a unique identifier of the executable, is the following string: 0x10D565A787A07D0F9724931EBA12EC3F
The following text is a sample of the e-mail message that is associated with this threat outbreak:
I Love You
Somebody send you a flash card 😉