Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:


  • Mobile Vulnerabilities

  • Zero-Day Alerts

  • Recent Posts

  • Calendar

    August 2015
    S M T W T F S
    « Jul    
     1
    2345678
    9101112131415
    16171819202122
    23242526272829
    3031  
  • Email Subscription

  • About Us

    Trend Micro researchers found spammed messages with a .ZIP file attachment that contains a malware. It bears the subject, “Contract of Settlements,” and purports to come from LSM Company. It informs users to open and check the attached file that holds a contract, which in actual fact, is an executable file (contract_1.exe) detected by Trend Micro as TROJ_FAKEALE.JH.

    When executed in the system, TROJ_FAKEALE.JH connects to http://{BLOCKED}edrdosubor.com/K1er0Lj5n8H0NM4E8h0u where users get another FAKEAV variant, TROJ_FAKEAV.BQN.

    Click for larger view

    Click for larger view

    Accordingly, users cannot scan the attached file because it is password protected. However, a password is included in the email to open the said file. This is probably to trick users into thinking that the said file is legitimate.

    As usual, users are advised to refrain from opening any suspicious-looking emails. Trend Micro product users are protected from this spam attack via the Smart Protection Network. Non-Trend Micro product users can utilize HouseCall, Trend Micro’s highly popular and capable on-demand scanner for identifying and removing viruses, Trojans, worms, unwanted browser plugins, and other malware.





    Share this article
    Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   del.icio.us   StumbleUpon






     

    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice