Trojan Spammed As Picture File

One-click Billing Fraud

Mobile
- Trending Scams Seen in the Android Market
- Malicious Mobile Apps Found in Server Hosted in Germany
- Fake Version of Temple Run Unearthed in the Android Market
- Search Monetization As a New Threat to the Mobile Platform
- One-Click Billing Fraud Scheme Through Android App Found
- 3 Truths about Mobile Applications
- How Big will the Android Malware Threat Be in 2012?
- 2011 in Review: Mobile Malware
- Checking the Legitimacy of Android Apps
- The Real Issues About Carrier IQ

About Us

Malware Blog > Trojan Spammed As Picture File

Aug31

Trojan Spammed As Picture File

10:22 am (UTC-7) | by Jasper Pimentel (Advanced Threats Researcher)

A new malware is being spammed across email inboxes once again. This Trojan poses as a picture file attachment with the filename KodacDC008.JPG……EXE. It uses a double extension and trailing characters to trick unsuspecting users into clicking the file. In some spammed emails the filename may vary (eg. KodacDC004.JPG.EXE, KodacDC007.JPG.EXE). When executed it downloads a file which is saved as KERNEL32.EXE in the affected machine. The file which is saved as KERNEL32.EXE is actually a spyware that Trend detects as TSPY_GOLDUN.FM

Trend detects this threat as TROJ_GOBRENA.V. Its detection pattern has been available since CPR 3.702.01.

Share this article

This entry was posted on Thursday, August 31st, 2006 at 10:22 am and is filed under Uncategorized . Both comments and pings are currently closed.

Comments are closed.

Why Security Products Fail

Ernesto Domain Names

Other Trend Micro blogs

CounterMeasures Blog

Cloud Security Blog

Consumerization Blog

Internet Safety for Kids & Families

Simply Security News

Trend Micro Blog [German]

TrendLabs Security Blog [Japan]

Cloud Security APAC

Trend Micro Free Tools

Threat Encyclopedia

Trend Micro Videos

Do you have a product-related question? Visit our eSupport website.

© Copyright 2011 Trend Micro Inc. All rights reserved. Legal Notice