Sanesecurity ClamAV blog: zero hour malware, phishing and scams: Me new photo / Hola mi foto malware

Friday, 30 January 2015

Me new photo / Hola mi foto malware

Me new photo / Hola mi foto malware in the form of a html email with an exe attachment:

Headers:

From: "Juliya" {cognitionih53@supernatuaralworks.com}
Subject: Me new photo ;)Subject: Hola mi foto

Message body1:

Me new photo ;)

Message body2:

hola mi foto :)

The attachment is a Windows executable:

my_new_photo_4327489327498237498239.exe

Md5 Hashes:

66412807813f54108d7b011f1ede6893

Malware Information:

VirusTotal Report [1] ( detected by 3/57 Virus Scanners)

Malwr Report [1]

Executed a process and injected code into it, probably while unpacking

Installs itself for autorun at Windows startup

Hybrid-Analysis Report [1]

Cheers,

Steve
Sanesecurity.com

2 comments:

Anonymous said...: Got this one as well. Cheers!; 30 January 2015 at 10:12
milesfromneihu said...: Just received this one in Taiwan, from two different sources.; 10 February 2015 at 02:09

Sanesecurity ClamAV blog: zero hour malware, phishing and scams

Amazon3

Pages

Amazon

Friday, 30 January 2015

Me new photo / Hola mi foto malware

2 comments: