RE: [Declude.JunkMail] New MS updates & Bug Report emails making the rounds

Thu, 22 Jan 2004 10:32:20 -0800

Title: Message
Doug, that looks very, very much like SWEN.  TrendMicro records 3 variants:
 
 
Andrew.
-----Original Message-----
From: Doug Anderson [mailto:[EMAIL PROTECTED]
Sent: Thursday, January 22, 2004 8:13 AM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: [Declude.JunkMail] New MS updates & Bug Report emails making the rounds

Thought I'd warn everyone
Some different/newer (I haven't seen it before) versions of two emails are floating around 
 
#1
From Microsoft Corporation Network Security
to Commercial customer
No subject
Attachment "UPGRADE88.exe"
It claims to be updates from microsoft.
 
#2
From Internet Delivery Service
To Net Recipient
Subject Bug Report
Text : I'm sorry the message returned below could not be delivered to the following addresses:
Attachment "ctge.exe"
 
They making the rounds. There were older versions, that we were catching....but they've changed it a bit
 
So watch out.
 
Headers are
 
#1
Received: from FE-mail03.sfg.albacom.net [213.217.149.83] by mail.ameripride.org with ESMTP
  (SMTPD32-8.05) id A2A9E2A0166; Thu, 22 Jan 2004 00:50:17 -0600
Received: from wyadonm (217.220.55.169) by FE-mail03.sfg.albacom.net (7.0.009)
        id 400CF7D10001F68F; Thu, 22 Jan 2004 07:48:41 +0100
Date: Thu, 22 Jan 2004 07:48:41 +0100 (added by [EMAIL PROTECTED])
Message-ID: <[EMAIL PROTECTED]> (added by [EMAIL PROTECTED])
FROM: "Microsoft Corporation Network Security Center" <[EMAIL PROTECTED]>
TO: "Commercial Customer" <[EMAIL PROTECTED]>
SUBJECT: 
Mime-Version: 1.0
Content-Type: multipart/mixed; boundary="nxjzttswpsxvy"
X-RBL-Warning: GIBBERISH: Message failed GIBBERISH test (line 137, weight 0)
X-RBL-Warning: ANTI-GIBBERISH: Message failed ANTI-GIBBERISH test (line 106, weight 0)
X-Declude-Sender: [EMAIL PROTECTED] [213.217.149.83]
X-Declude-Spoolname: D72a90e2a01660543.SMD
X-Note: This E-mail was scanned by Declude JunkMail (www.declude.com) for spam.
X-Spam-Tests-Failed: GIBBERISH, ANTI-GIBBERISH [0]
X-Note: This E-mail was sent from FE-mail03.albacom.net ([213.217.149.83]).
X-RCPT-TO: xxxxxxxxxxxxxx
Status: U
X-UIDL: 373063459
 
(at the end of the email)
 
Content-Type: application/x-msdownload;  n a m e = " U P G R A D E 8 8 . e x e "
Content-Transfer-Encoding: base64
Content-Disposition: attachment
 
#2
Received: from FE-mail04.sfg.albacom.net [213.217.149.84] by mail.ameripride.org with ESMTP
  (SMTPD32-8.05) id A3A6E3A0166; Thu, 22 Jan 2004 00:54:30 -0600
Received: from xkxxp (217.220.55.169) by FE-mail04.sfg.albacom.net (7.0.009)
        id 400CB88400024360; Thu, 22 Jan 2004 07:52:18 +0100
Date: Thu, 22 Jan 2004 07:52:18 +0100 (added by [EMAIL PROTECTED])
Message-ID: <[EMAIL PROTECTED]> (added by [EMAIL PROTECTED])
FROM: "Internet Delivery System" <[EMAIL PROTECTED]>
TO: "Net Recipient" <[EMAIL PROTECTED]>
SUBJECT: Bug Report
Mime-Version: 1.0
Content-Type: multipart/alternative;
 boundary="fxsnozzuqz"
X-RBL-Warning: GIBBERISH: Message failed GIBBERISH test (line 137, weight 0)
X-RBL-Warning: ANTI-GIBBERISH: Message failed ANTI-GIBBERISH test (line 106, weight 0)
X-Declude-Sender: [EMAIL PROTECTED] [213.217.149.84]
X-Declude-Spoolname: D73a60e3a0166e227.SMD
X-Note: This E-mail was scanned by Declude JunkMail (www.declude.com) for spam.
X-Spam-Tests-Failed: GIBBERISH, ANTI-GIBBERISH [0]
X-Note: This E-mail was sent from FE-mail04.albacom.net ([213.217.149.84]).
X-RCPT-TO: xxxxxxxxxxxxxxxxxxx
Status: U
X-UIDL: 373063460
 
(at the end of the email)
 
Content-Type: audio/x-wav;  n a m e = " c t g e . e x e "
Content-Transfer-Encoding: base64
Content-Id: <qfrsqcgf>
 

Reply via email to