Pixmania gift voucher email contains trojan in ZIP file
January 9, 2013 8 Comments
MX Lab, http://www.mxlab.eu, started to intercept a new trojan distribution campaign by email with the subject “Pixmania.com gift voucher code”.
The email is send from “Pixmania.com” with a spoofed email address and has the following body:
The attached ZIP file has the name voucher.zip and contains the 122 kB large file voucher.scr.
The trojan is known as a variant of Win32/Kryptik.ARTR, Trojan.Generic.KD.823865, Artemis!32D03167D51A or WS.Reputation.1.
At the time of writing, 13 of the 45 AV engines did detect the trojan at Virus Total.
Virus Total permalink and SHA256: 088aa2ff181efea185749728f40eb8005e0cbf5ae13acf0823ad32aecdccc843.