FYI...
Spamvertised.. campaign serving scareware
- http://ddanchev.blogspot.com/2011/04...-campaign.html
April 12, 2011 - "A currently spamvertised scareware-serving campaign is enticing end users into downloading and executing a malicious binary, which drops a scareware variant.
Sample subject: Reqest rejected (SP?)
Sample message: "Dear Sirs, Thank you for your letter! Unfortunately we can not confirm your request! More information attached in document below. Thank you Best regards."
Sample attachments: EX-38463.pdf.zip; EX-38463.pdf.exe
Detection rate:
- http://www.virustotal.com/file-scan/...932-1302746736
File name: EX-38463.pdf.exe
Submission date: 2011-04-14 02:05:36 (UTC)
Current status: finished
Result: 35/41 (85.4%)
... Upon execution downloads hdjfskh .net/ pusk .exe - 208.43.90.48...
Detection rate:
- http://www.virustotal.com/file-scan/...83c-1302681312
File name: VRB.EXE.Muestra EliStartPage v23.03
Submission date: 2011-04-13 07:55:12 (UTC)
Current status: finished
Result: 19/42 (45.2%)
Phones back..."
(More detail at the ddanchev.blogspot URL above.)