Email messages that are related to this threat (RuleID9997 and RuleID9997KVR) may contain the following files:
tompmcmeekan.zip
tompmcmeekan.exe
tntcarlo.zip
tntcarlo.exe
The tompmcmeekan.exe in the tompmcmeekan.zip file has a file size of 231,936 bytes. The MD5 checksum, which is a unique identifier of the executable, is the following string: 0xF6D98F7BF217B1F9E574DFEAD2E83A9F
The tntcarlo.exe file in the tntcarlo.zip attachment has a file size of 232,960 bytes. The MD5 checksum is the following string: 0x4F8817EFA9ED7D055833D43FE83A22A8
The following text is a sample of the email message that is associated with this threat outbreak:
Subject: Greetings , your Facebook login name is blocked. 67446
more here...........http://tools.cisco.com/security/center/viewAlert.x?alertId=34254
tompmcmeekan.zip
tompmcmeekan.exe
tntcarlo.zip
tntcarlo.exe
The tompmcmeekan.exe in the tompmcmeekan.zip file has a file size of 231,936 bytes. The MD5 checksum, which is a unique identifier of the executable, is the following string: 0xF6D98F7BF217B1F9E574DFEAD2E83A9F
The tntcarlo.exe file in the tntcarlo.zip attachment has a file size of 232,960 bytes. The MD5 checksum is the following string: 0x4F8817EFA9ED7D055833D43FE83A22A8
The following text is a sample of the email message that is associated with this threat outbreak:
Subject: Greetings , your Facebook login name is blocked. 67446
more here...........http://tools.cisco.com/security/center/viewAlert.x?alertId=34254