This piece of malware is going around on the internet since last week or so. MX Lab, http://www.mxlab.eu, had not intercepted this message to check it out. Until now that is.
The email is send from the spoofed address “firstname.lastname@example.org”, has the subject “1ste Christmas Card” and has the following body:
“The Snow Fairy can bring you good fortune for one whole year.
May YOU be blessed by her good deeds…..
You must pass the Snow Fairy to 7 people within 60 seconds to receive your one year blessing…. HURRY!”
This is a screenshot of the email:
The attached ZIP file has the name SnowFairy.zip and contains the 610 kB large file SnowFairy.exe.
It is quite common that threats like this are masked like an e-card coming from Hallmark. And with the end of the year in sight we could expect that this kind of threats was going to emerge.