Thinking that someone just remembered you and sent you a Hallmark greeting card? Think again, before you open the email attachment. Today, we received a spam allegedly from Hallmark.
Once you run the file named postcard.exe, it will automatically open Notepad with some garbage characters to distract users while the malware is being installed.
Trend Micro detects this malware as TROJ_INJECTOR.DD using at least pattern version 5.320.07. The malware drops copies of itself and creates registry entries to ensure its automatic execution at every system startup.
This is not the first time malware authors tried to trick users by exploiting their curiosity and desire to receive good tidings via greeting cards: Storm started out much the same way, including the use of eCards, and well into 2007.