Friday, 30 January 2015

Me new photo / Hola mi foto malware

The "Me new photo" / "Hola mi foto" malware arrives as an HTML email with an .exe attachment:


Headers:
From:     "Juliya" {cognitionih53@supernatuaralworks.com}
Subject: Me new photo ;)
Subject: Hola mi foto

Message body 1:

Me new photo ;)

Message body 2:

hola mi foto :)


The attachment is a Windows executable:
my_new_photo_4327489327498237498239.exe

MD5 hash:
66412807813f54108d7b011f1ede6893

Malware Information:
VirusTotal Report [1] (detected by 3/57 virus scanners)

Malwr Report [1]

  • Executed a process and injected code into it, probably while unpacking
  • Installs itself for autorun at Windows startup


Hybrid-Analysis Report [1]

Cheers,

Steve
Sanesecurity.com
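With only 3/57 scanners detecting the file, matching on the message itself is the more reliable filter. The following is an added example, not part of the original post: a Python check that applies the subjects, filename pattern and MD5 listed above to a parsed email. The function names, the digit-suffix filename pattern and the sample message are assumptions constructed for illustration.

```python
import hashlib
import re
from email.message import EmailMessage

# Indicators taken from this post.
SUBJECTS = {"me new photo ;)", "hola mi foto"}
KNOWN_MD5 = {"66412807813f54108d7b011f1ede6893"}
# Assumption: the long digit suffix varies per message, so match any digits.
NAME_RE = re.compile(r"^my_new_photo_\d+\.exe$", re.IGNORECASE)


def check_message(msg):
    """Return a sorted list of reasons this message matches the campaign."""
    reasons = set()
    if (msg["Subject"] or "").strip().lower() in SUBJECTS:
        reasons.add("subject")
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        data = part.get_payload(decode=True) or b""
        if NAME_RE.match(name):
            reasons.add("filename")
        if data[:2] == b"MZ":  # DOS/PE header magic, whatever the name says
            reasons.add("pe-attachment")
        if hashlib.md5(data).hexdigest() in KNOWN_MD5:
            reasons.add("md5")
    return sorted(reasons)


def build_sample():
    """Constructed sample: harmless bytes that only start with 'MZ'."""
    msg = EmailMessage()
    msg["From"] = '"Juliya" <sender@example.invalid>'  # placeholder address
    msg["Subject"] = "Hola mi foto"
    msg.set_content("hola mi foto :)", subtype="html")
    msg.add_attachment(b"MZ" + b"\x00" * 62, maintype="application",
                       subtype="octet-stream",
                       filename="my_new_photo_4327489327498237498239.exe")
    return msg


if __name__ == "__main__":
    print(check_message(build_sample()))
```

To run it on a received message, parse the raw bytes with `email.message_from_bytes(raw, policy=email.policy.default)` so that `iter_attachments()` is available.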

2 comments:

Anonymous said...

Got this one as well. Cheers!

milesfromneihu said...

Just received this one in Taiwan, from two different sources.