    Malware Conceals Itself as Boss’s Letter

    Trend Micro threat analysts found spammed messages that pretended to be a letter coming from the “boss.” The messages bore the subject “get back to my office for more details” and instructed users to extract and read the letter contained in the attached .ZIP file. The attachment, of course, does not contain a letter but an .EXE file (info.exe) detected by Trend Micro as TROJ_CUTWAIL.GT.

    Upon execution, TROJ_CUTWAIL.GT creates registry entries to automatically execute at every system startup. It also drops a Trojan dropper detected as TROJ_DROPR.ST. Cutwail is known as the “spam engine” of the notorious botnet, PUSHDO, which spammed around 7.7 billion messages a day in the second quarter.

    In the past few days or so, Trend Micro has reported various spam that used malicious attachments (ZIP or RAR) to hide malware. This suggests that old tactics never die and continue to be an effective way of infecting users. We blogged about this in the following posts:

    Users are advised to be wary when opening any attached file, even if it comes from a person with authority or one’s “boss.” Trend Micro users are protected via the Trend Micro Smart Protection Network, which detects TROJ_CUTWAIL.GT and blocks the spammed email message. Users of non-Trend Micro products can use free tools like HouseCall to stay secure from this attack.







     

    © Copyright 2011 Trend Micro Inc. All rights reserved. Legal Notice