Sponsored by..

Friday, 8 November 2013

"Voicemail Message" spam / MSG00049.zip and MSG00090.exe

Another day, yet another fake voicemail message spam with a malicious attachment:
Date:      Fri, 8 Nov 2013 15:15:20 +0000 [10:15:20 EST]
From:      Voicemail [user@victimdomain.com]
Subject:      Voicemail Message

IP Office Voicemail redirected message 
Attached is a file MSG00049.zip which in turn contains a malicious executable MSG00090.exe. Virus detection on VirusTotal is a so-so 12/47. Automated analysis [1] [2] shows an attempted connection to seminyak-italian.com on (Unified Layer / Websitewelcome, US). There are 7 or so legitimate sites on that server, I cannot vouch for them being safe or not.

No comments: