Email with “Balance sheet” contains malicious .scr file inside Balance_sheet_pdf.zip


MX Lab, http://www.mxlab.eu, started to intercept a new trojan distribution campaign by email with the subject “Balance sheet”.

This email is send from the spoofed address and has the following short body:

Please save the attached file to your hard drive before deleting this message. Thank you.

The attached ZIP file has the name Balance_sheet_pdf.zip and contains the XXX kB large file Balance_sheet_pdf.scr.

The trojan is known as Trojan.Ranapama.AU, W32/Trojan.APUP-2842, W32/Trojan3.INJ, HEUR/Malware.QVM20.Gen or Trojan.Cryptodefense.

At the time of writing, 12 of the 51 AV engines did detect the trojan at Virus Total.

Use the Virus Total permalink and Malwr permalink for more detailed information.
SHA256: d00b92837467c301f5359943d955dc7a4d59f0136b4e90715d5d97ee0a9617d3.

One thought on “Email with “Balance sheet” contains malicious .scr file inside Balance_sheet_pdf.zip

Comments are closed.