Mails send from egreetings.Com with malicious links is still floating around. The subject of these mails
is formed using below keywords
You’ve received [a|n] [greeting|] [postcard|ecard] from a [admirer|class-mate|colleague|family member|friend|mate|neighbor|neighbour|partner|school friend|school mate|school-mate|worshipper]!
Here is one of such subject line used ” You’ve received a greeting card from a class mate!”
“We are currently testing a new browser feature. If you are not able to
view this ecard, please click here (/ecard.exe) to view in its original format.”
Downloaded program is a Trojan downloader which in turn download other mailicous files from other remote system. Trojandownloader.Tibs.mq and Trojandownloader.Small.evy added in database.