Confimation letter in email uk_confirmation_ph999546375.pdf contains trojan


MX Lab, http://www.mxlab.eu, started to intercept a new malware distribution campaign by email with the subject in the format “uk_confirmation_ph999546375.pdf”.

This email is send from the spoofed addresses and has the following body:

Confirmation letter enclosed.  Please see attachment.

The attached file uk_confirmation_ph999546375.zip contains the folder uk_confirmation_ph999546378.

The malware is detected by 13/61 AV engines at Virus Total and analysis is available at Malwr.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s