There is a common technique used by attackers: They append some data at the end of files (this is called an overlay). This can be used for two main reasons: To hide the appended data from the operating system (steganography). By example, you can append a text file at the end of a JPEG image. When your favourite image viewer will process the picture, it will just ignore the “rogue” data. Here is a PNG picture that has a text file (dir output) added at the end:
This article has been indexed from SANS Internet Storm Center, InfoCON: green