Signature Detail

Short Name	POP3:EXT:DOT-EXE
Severity	High
Recommended	No
Recommended Action	Drop
Category	POP3
Release Date	2003/04/22
Update Number	1213
Supported Platforms	di-5.3+, idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

VIRUS: POP3 .EXE

This signature detects e-mail attachments with the extension ".exe" sent through POP3. This can indicate an incoming e-mail virus. EXEs (Executable files) contain one or more scripts. Attackers can create malicious executables, tricking the user into executing the file and infecting the system.

Extended Description

Files with .exe extensions can be executed directly by computers. These files may contain malicious content if received by e-mail.

References

URL: http://www.novatone.net/mag/mailsec.htm
URL: http://www.slipstick.com/addins/utilities/attsecup.htm
URL: http://www.cknow.com/vtutor/FileExtensions.html

Signature Detail

Short Name

Severity

Recommended

Recommended Action

Category

Release Date

Update Number

Supported Platforms

VIRUS: POP3 .EXE

Extended Description

References