Another round of fake DHL emails... but this time... it's got a PIF attachment, instead of the
normal zipped exe variety.
Here's the email....
Submitted to Threatexpert:
http://www.threatexpert.com/report.aspx?md5=8b7c994f4d5b0b5e35216bd68d87edb3
Submitted to VirusTotal (7/43)
http://www.virustotal.com/file-scan/report.html?id=2936d561853db9119ac2d5e7120f80d4e8ed39fa191365b5d8be83cfa4f95343-1305796256
It seems to be interested in the following banks:
http://eureka.cyber-ta.org/OUTPUT/8b7c994f4d5b0b5e35216bd68d87edb3/dns.txt
Detected as:
Sanesecurity.Rogue.2050 and Sanesecurity.Malware.16418
Cheers,
Steve
Sanesecurity