<!-- The following sample format contains malformed MIME header along with the Base64 encoded executable. ---------------------------------------------- MIME-Version: 1.0 ------=_NextPart_000_0000_01C2E1F4.0D559EA0 Content-Location:file:///tomatell.exe Content-Transfer-Encoding: base64 TVpQ ---------------------------------------------- --> Excellent! Yes, there has always been something suspicious about that spot. Simply writing the word [header] GIF89a in the same spot will create an empty image container: ------phuquedup.mhtml----- MIME-Version: 1.0 Content-Transfer-Encoding: 7bit GIF89a ------phuquedup.mhtml----- End Call -- http://www.malware.com
