    1:48 am (UTC-7)   |    by

    Today we received two samples related to the TROJ_YABE malware family, each with a different MD5 hash.

    File Name :
    File Size : 18,432 bytes
    MD5: 3dc607942049e82e7108443cc5d87403: c85657e8cda72be356554856f4158562
    Downloaded Files: ws25.exe (116,952 bytes): ws26.exe (116,952 bytes) TROJ_DLOADER.KEH
    Related File: ipv6monl.dll (84,184 bytes) TSPY_BZUB.CX
    Download URL: http://www.{blocked} http://www.{blocked}.sk/_sub/suchy/admin/img/iexplorer.exe
    As with the recent YABE variants, this new sample also used the monthly bill from German Telekom for its social engineering. Here are some sample emails:

    A second wave of spamming was also reported. Following are some details:

    File Name : T-Com.pdf.exe TROJ_YABE.BT
    File Size : 44,032 bytes
    Downloaded Files: win994.exe (100,056 bytes) TSPY_BZUB.CX
    Related File: ipv6monl.dll (66,776 bytes) TSPY_BZUB.CX

    Thanks to Alice Decker for the valuable information.



    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice