Trojan attached to emails “Don’t forget about meeting tomorrow”


MX Lab, http://www.mxlab.eu, started to intercept a new trojan distribution campaign by email with the subject “Don’t forget about meeting tomorrow”.

The email is send from the spoofed address “LinkedIn <welcome@linkedin.com>” or “Files Tube >filestube@filestube.com>”and has the following body:

Don’t forget this report for meeitng tomorrow.
See attached file.

The attached ZIP file has the name Report.zip and contains the 83 kB large file Report_ALK_CON-39892-45.exe.

The trojan is known as W32/Trojan3.DUC, HEUR:Trojan.Win32.Generic, W32/Kryptik.AB!tr, W32.Cridex.

At the time of writing, only 8 of the 42 AV engines did detect the trojan at Virus Total.

Virus Total permalink and SHA256: b91d0d02f21bf156d6825c32bfcdb918e729bf61b37dee65ead51793a2c21e56.

One thought on “Trojan attached to emails “Don’t forget about meeting tomorrow”

Comments are closed.