Tuesday, 10 February 2015

Me new photo ;) my_photo.zip malware


Headers (example):
From:     "Juliya" {touchywyu@marketmindful2.com}
Subject: Me new photo ;)

Message body (example):
Me new photo ;)

Attached to the email is a Zip file:
my_photo.zip

On a Windows machine, inside the zip is a Windows executable:
my_new_893724987239847238947239847239847293.exe

MD5 Hashes:
30f40ef27c5d1ee7482093c9e6f16169  [1]

Malware Information:

VirusTotal Report [1] (hits 5/57 Virus Scanners)

Malwr Report [1]


Summary:
  • Executed a process and injected code into it, probably while unpacking
  • Installs itself for autorun at Windows startup

Hybrid Analysis Report [1]

Cheers,

Steve
Sanesecurity.com
