Security Incidents mailing list archives

Re: [klmtfs () pridemail com: Your Online Greeting Awaits You!]


From: Mark Collins <me () thisisnurgle org uk>
Date: Sun, 12 Aug 2001 21:39:47 +0100

On Sunday 12 August 2001 10:05, diphen () agitation net wrote:
Has anyone run across this before? It showed up in one of my other email
accounts this evening. When you go to the site it displays a message
about 'Image Browser Not Supported'. What this links to is a file called
american.exe. It appears to be a win32 binary containing some sort of
file archive. Unfortunately I don't have good facilities (or expertise,
really) for figuring out what this thing does. If anyone with more
windows expertise wants to take a look, you can grab the file from the
site, or I can forward a copy. I'm guessing it's some sort of trojan.

(The reason this makes me suspicious is that the rest of the site appears
to be entirely bogus. The first supplied url is www.greetingcardsusa.cc,
but all the links from the page go to americangreetingz.net, which
doesn't resolve. Also, the american.exe link is just an ip. It
reverse-resolves to paypalgreen.com, which also looks rather weird.)

I have received one in the past, but the site did exist back then. This was a
couple of months ago though.

I had no idea who the message was from...

Nurgle

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com