Sponsored by..

Tuesday 5 November 2013

USPS spam / Label_442493822628.zip

This fake USPS spam has a malicious attachment:

Date:      Tue, 5 Nov 2013 14:24:45 +0000 [09:24:45 EST]
From:      USPS Express Services [service-notification@usps.gov]
Subject:      USPS - Missed package delivery

The courier company was not able to deliver your parcel by your address.

Cause: Error in shipping address.

Label: 442493822628

Print this label to get this package at our post office.

Please attention!
For mode details and shipping label please see the attached file.

Please do not reply to this e-mail, it is an unmonitored mailbox!

Thank you,
USPS Logistics Services.

CONFIDENTIALITY NOTICE:
This electronic mail transmission and any attached files contain information intended for the exclusive use of the individual or entity to whom it is addressed and may contain information belonging to the sender (UPS , Inc.) that is proprietary, privileged, confidential and/or protected from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any viewing, copying, disclosure or distributions of this electronic message are violations of federal law. Please notify the sender of any unintended recipients and delete the original message without making any copies.  Thank You 
The attachment is Label_442493822628.zip which in turn contains a malicious executable Label_11052013.exe which has a VirusTotal detection rate of 6/46. Automated analysis [1] [2] shows an attempted connection to sellmakers.com on 192.64.115.140 (Namecheap, US). Note that there may be legitimate sites on that IP address, however it is possible that the whole server has been compromised.


No comments: