It is a tradition that at the end of the year new email threats emerge, more spam is going around and also for this year we expect to face new threats.

MX Lab started to intercept messages with the subject line “Jingle bells, jingle bells.. Ho ho ho Santa Claus is coming!!”. The message contains an URL that leads to a web site that hosts malware named SantasGift.exe.

The malware is known as Trojan.IRC.Zapchast-16 (ClamAV), Dropped:Backdoor.Zapchast.PI (BitDefender), Backdoor.Zapchast.PF (F-Secure) or Backdoor.IRC.Zapchast.zwrc (Kaspersky).

Virus Total permlink and MD5: ef1982df5c01b62b3fa66daa8115946e