Wednesday, 31 December 2014

Costco Acceptance of Order malware

Costco Acceptance of Order malware has just arrived in time for the New Year...

From: Costco
Reply-To: Costco
Subject: Acceptance of Order
Message body:
Our online store received an order and the personal data of the recipient coincide with yours.

You may get your order in the nearest Local Store.

Attention! Your order can be reserved within 4 days.

You may see order details here.

Truly yours,

Clicking on the link with a Windows system gives you a zip file (name based on IP address location)
Clicking on the link with an non-Widows system...Yes, Windows 9x...

On the Windows machine, Inside the zip, is Windows executable:

VirusScanner Reports:
Md5 Hash: 01bfae48c34156b7a9aa4c01d6988110
VirusTotal Report : [ 8 / 55] (a variant of Win32/Kryptik.CULP)
Malwr Report
Hybrid-Analysis Report


No comments: