Email CITY OF PORT Arthur – STORM SEWER Project contains trojan


MX Lab, http://www.mxlab.eu, started to intercept a new trojan distribution campaign by email with the subject “CITY OF PORT Arthur – STORM SEWER Project”.

This email is send from various spoofed email addresses and has the following body:

Please see attachment for contract.  Please sign and return.

Thanks

Fred Stepp – Office Manager
McInnis Construction, Inc.,
675 South 4th Street
Silsbee, Texas 77656
email: fred@mcinnisprojects.com
Phone: 409-385-5767
Fax: 409-385-2483

The attached file WOM8zLph4X8W.zip contains the 35 kB large file contract_erwer2rdfvcsdva_erwr.exe.

The trojan is known as Kryptik.CLASS.

At the time of writing, 1 of the 55 AV engines did detect the trojan at Virus Total.

Use the Virus Total or Malwr for more detailed information.
SHA256: 16a536e70fab4993d961f1a6a780b497c09d8ca6cc28f465bd0416d623f70a86

One thought on “Email CITY OF PORT Arthur – STORM SEWER Project contains trojan

Comments are closed.