New Bredolab variant in email regarding DHL parcel delivery problems


MX Lab started to intercept new variants of Bredolab in emails regarding DHL parcel delivery problems. The emails comes from the spoofed address Manager Youg Steward <parcel@dhl-usa.com> (name is choosen randomly).

The body of the email:

Dear customer!

The courier company was not able to deliver your parcel by your address.
Cause: Error in shipping address.

You may pickup the parcel at our post office personaly.

Please attention!
The shipping label is attached to this e-mail.
Print this label to get this package at our post office.

Please do not reply to this e-mail, it is an unmonitored mailbox!

Thank you,
DHL Delivery Services.

The email has the ZIP attachment named DHL_Label_da882.zip (charachters after DHL_Label_ are choosen randomly) that contains 32 kB big file DHL_Label_da882.exe.

At the time of writing only 14 of the 40 AV engines detect the virus at Virus Total. Virus Total permlink and MD5: 2ddd08612873d8217555f6c40ae32f51.

One thought on “New Bredolab variant in email regarding DHL parcel delivery problems

  1. hello,,

    i need this software, either this one or facebook one,, i need to check how it work

    can any1 help??

Comments are closed.