Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Recent Posts

  • Calendar

    July 2014
    S M T W T F S
    « Jun    
     12345
    6789101112
    13141516171819
    20212223242526
    2728293031  
  • About Us

    Trend Micro researchers found spammed messages with a .ZIP file attachment that contains a malware. It bears the subject, “Contract of Settlements,” and purports to come from LSM Company. It informs users to open and check the attached file that holds a contract, which in actual fact, is an executable file (contract_1.exe) detected by Trend Micro as TROJ_FAKEALE.JH.

    When executed in the system, TROJ_FAKEALE.JH connects to http://{BLOCKED}edrdosubor.com/K1er0Lj5n8H0NM4E8h0u where users get another FAKEAV variant, TROJ_FAKEAV.BQN.

    Click for larger view

    Click for larger view

    Accordingly, users cannot scan the attached file because it is password protected. However, a password is included in the email to open the said file. This is probably to trick users into thinking that the said file is legitimate.

    As usual, users are advised to refrain from opening any suspicious-looking emails. Trend Micro product users are protected from this spam attack via the Smart Protection Network. Non-Trend Micro product users can utilize HouseCall, Trend Micro’s highly popular and capable on-demand scanner for identifying and removing viruses, Trojans, worms, unwanted browser plugins, and other malware.





    Share this article
    Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   del.icio.us   StumbleUpon






     

    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice