Contact us

Solutions

Featured solutions AI Campus and branch Data center WAN Security Service provider Cloud operator Industries

Services

Services

Take me to HPE.com

SMTP: .WSH

This signature detects e-mail attachments with the extension .wsh sent through SMTP. This can indicate an incoming e-mail virus. .WSHs (Windows Script Host Settings File) contain configuration parameters. Attackers can create malicious configurations, tricking the user into executing the file and infecting the system.

Extended Description

Malware writers can set undesired system values.

References

URL: http://www.cknow.com/vtutor/FileExtensions.html http://www.novatone.net/mag/mailsec.htm http://support.microsoft.com/?kbid=235309

Short Name

SMTP:EXT:DOT-WSH

Severity

Minor

Recommended

False

Recommended Action

None

Category

SMTP

Keywords

.WSH

Release Date

08/04/2004

Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version

3375

False Positive

Unknown