On 2015-11-09 20:41, Carlos E. R. wrote:
On 2015-11-09 20:25, Per Jessen wrote:
It's not a trojan. It's javascript - to my knowledge, all javascript is run in sandboxes, even on Windows. Send me the whole thing and I'll tell you what it does.
Done, thanks.
Well, trojan is whatever thing that is sent disguised. The disguise is a Fax document.
It bounced from you: Diagnostic-Code: smtp; 552-5.7.0 This message was blocked because its content presents a potential 552-5.7.0 security issue. Please visit 552-5.7.0 https://support.google.com/mail/answer/6590 to review our message 552 5.7.0 content and attachment content guidelines. n19si3622488wjr.18 - gsmtp I also got another bounce from another machine; Time received: 11/9/2015 7:38:59 PM Message ID: <5640F64C.3040607@telefonica.net> Detections found: Message Body JS/Obfuscator.GX -- Cheers / Saludos, Carlos E. R. (from 13.1 x86_64 "Bottle" at Telcontar)