Voice Message from Unknown (xxx-xxx-xxxx) contains trojan in attached zip file


MX Lab, http://www.mxlab.eu, started to intercept a new trojan distribution campaign by email with the subject Voice Message from Unknown (xxx-xxx-xxxx) – where x is replace by phone number.

This email is send from the spoofed address “Unity Messaging System <Unity_UNITY5@xxx.xxx>”and has the following very short body (where x is replace by phone number):

From: xxx-xxx-xxxx

The attached ZIP file has the name VoiceMail.zip and contains the 18 kB large file VoiceMail.exe.

At the time of writing, 0 of the 50 AV engines did detect the trojan at Virus Total.

Use the Virus Total permalink and Malwr permalink for more detailed information.
SHA256: e4f11d9a6515323165e2427fe0032bf29ee6ae7a0144b79f7f9dba64df8a6fba.