File Selection Gaffe, (Sun, Oct 18th)

Have you ever sent out the wrong file? I know it has happened to me, attaching the wrong file to an email.

And it happens to malicious actors too.

A reader sent us a malicious email with an attachment: PURCHASE ORDER.mmp

You must be thinking the same as me: what is an .mmp file? Microsoft Project? No, that seems to be .mpp.

Looking at it with a binary editor, it does seem to be some kind op project file:

I searched further for strings that might give me a clue, and found this:

Gammadyne Mailer is email marketing software.

This malicious actor sent out the project file for their mailing campaign!

Didier Stevens
Senior handler
Microsoft MVP

(c) SANS Internet Storm Center. Creative Commons Attribution-Noncommercial 3.0 United States License.

Reposted from SANS. View original.