Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: InfoSec Handlers Diary Blog - SANS Internet Storm Center InfoSec Handlers Diary Blog

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

More File Selection Gaffes

Published: 2020-10-31
Last Updated: 2020-10-31 08:56:55 UTC
by Didier Stevens (Version: 1)
1 comment(s)

A reader submitted a file, that turned out to be a mass mailer project file used by malicious actors.

This malicious actor was not the only one mistakingly sending out their mass mailer project file: I found many other files.

What follows is an overview of various fake email templates defined in these mass mailer project files. Some of them are very basic, while others look exactly like legitimate emails.

I highlighted mailing variables ([[-Email-]], [[-Domain-]]) used in these templates.


Didier Stevens
Senior handler
Microsoft MVP

1 comment(s)
Diary Archives