![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEidLVYOnpO1911oKnPlhMNQjNtje8XBGGrfdV8h5ZtR85D55ABTWFazFhk4ehPdeQr8N8l9CMUd4xJj6Wk3f2vasXapokxCj5y99T9_6ZEBSWrtXIK6DAgzpgm39g6qLn8sjDUnRKoV6uo/s200/donotopen.png)
From: Logistics Express [admin@ups.com]
Subject: Re: Changelog 2011 update
Hi,
as promised changelog,
Michaud Abran
VirusTotal detects the payload as Cridex. The malware is resistant to automated analysis tools, but Comodo CAMAS reports the creation of a file, C:\Documents and Settings\User\Application Data\KB00085031.exe, which is pretty distinctive.
If your email filter supports it, I strongly recommend that you configure it to block EXE-in-ZIP files as they are malicious in the vast majority of cases.
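One way to implement the EXE-in-ZIP block recommended above, as an added example that is not from the original post: a Python check that a mail filter hook could call on the raw message. The extension list, the nested-archive size limit and all function names are assumptions, and the sample message is constructed.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Assumed policy values for this example; tune to the local filter.
BLOCKED_EXTS = (".exe", ".scr", ".pif", ".com")
MAX_NESTED_BYTES = 10 * 1024 * 1024  # do not inflate nested archives larger than this

def exe_members(zip_bytes, depth=0, max_depth=2):
    """Return names of executable members, following nested ZIPs up to max_depth."""
    hits = []
    try:
        with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
            for info in zf.infolist():
                # Windows ignores trailing dots/spaces, so "a.exe." still runs as an EXE
                name = info.filename.lower().rstrip(". ")
                if name.endswith(BLOCKED_EXTS):
                    hits.append(info.filename)
                elif (name.endswith(".zip") and depth < max_depth
                      and not info.flag_bits & 0x1          # skip encrypted members
                      and info.file_size <= MAX_NESTED_BYTES):
                    hits += exe_members(zf.read(info), depth + 1, max_depth)
    except (zipfile.BadZipFile, RuntimeError, NotImplementedError):
        hits.append("<unreadable zip>")  # fail closed: report archives we cannot parse
    return hits

def blocked_attachments(raw_message):
    """Scan every MIME leaf part; detect ZIPs by content, not filename or declared type."""
    msg = message_from_bytes(raw_message, policy=policy.default)
    findings = []
    for part in msg.walk():
        if part.is_multipart():
            continue
        payload = part.get_payload(decode=True) or b""
        if zipfile.is_zipfile(io.BytesIO(payload)):
            findings += exe_members(payload)
    return findings

def build_sample(member_name):
    """Constructed test message: one ZIP attachment holding one placeholder member."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(member_name, b"constructed placeholder, not a real binary")
    msg = EmailMessage()
    msg.set_content("as promised changelog,")
    msg.add_attachment(buf.getvalue(), maintype="application",
                       subtype="zip", filename="changelog.zip")
    return msg.as_bytes()
```

A non-empty result from `blocked_attachments` is the signal to quarantine or reject the message.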