Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Mobile Vulnerabilities

  • Zero-Day Alerts

  • Recent Posts

  • Calendar

    August 2015
    S M T W T F S
    « Jul    
  • Email Subscription

  • About Us

    Malware writers are again taking advantage of curious readers by sending out email messages related to recent news events that contain malicious attachments.

    One particular sample detected as TROJ_AZAH.A comes disguised as a folder. A curious user may “open” the disguised file and run it. Among the folder names used are:

    • Philippine-HK News
    • Rise of Global Terrorism and U.S. Strategy
    • Status and Future of Global Torture 2010
    • Status and Future of U.S. Textile Industry
    • Status and Future of Worldwide Press Freedom 2010
    • Strategy of US Global Military—Role of Singapore
    • U.S. Strategy—Troops Leave Iraq
    Attachment appearance

    Once executed, the malware deletes itself and attempts to create a real folder that may contain a .PDF or .DOC file. However, during testing, the malware was unable to create the said files.

    As its final payload, it attempts to access a URL to download other malware. Unfortunately, in our recent testing, its download routine has been unsuccessful.

    Nevertheless, we shouldn’t let our guards down, as future variants may well use this exact same line of attack. Just in case, Trend Micro already blocks the URLs related to this malware.

    Users are advised to avoid opening email attachments, especially if these come from unknown senders.

    Share this article
    Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   StumbleUpon


    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice