1 reply to this topic

[MysteryFCM]

Just arrived via e-mail;

Subject: [SPAM] You have just received a virtual postcard from a friend !

  

You have just received a virtual postcard from a friend !

.

You can pick up your postcard at the following web address:

.

Click here to pick up your postcard <http://216.122.59.222/~diego/E-Greetings.exe> 

.

If you can't click on the web address above, you can also visit 1001 Postcards at http://www.postcards.org/postcards/
and enter your pickup code, which is: d21-sea-sunset

.

(Your postcard will be available for 60 days.)

.

Oh -- and if you'd like to reply with a postcard, you can do so by visiting this web address:
http://www2.postcards.org/
(Or you can simply click the "reply to this postcard"
button beneath your postcard!)

.

We hope you enjoy your postcard, and if you do, please take a moment to send a few yourself!

.

Regards,
1001 Postcards
http://www.postcards.org/postcards/

http://hosts-file.ne...=216.122.59.222

[Jaxryley]

Quote

File E-Greetings.exe received on 05.03.2009 02:44:41 (CET)
Current status: finished
Result: 34/40 (85.00%)

Virus Total
File size: 974240 bytes

Drops a hidden folder with a recycle bin icon which contains a spoolsv.exe and other items.

Quote

File spoolsv.exe received on 05.03.2009 02:47:54 (CET)
Current status: finished
Result: 18/41 (43.90%)

Virus Total
File size: 1790464 bytes

hxxp://rapidshare.com/files/228470151/E_Greetings_and_Dropped_Folder.rar.html