Date: Thu, 30 Jan 2014 03:55:04 -0500 [03:55:04 EST]Despite the Vodafone references in the header, this message comes from a random infected PC somewhere and not the Vodafone network.
From: mms.service6885@mms.Vodafone.co.uk
Subject: image Id 312109638-PicOS97F TYPE==MMS
Received from: 447219637920 | TYPE=MMS
The email doesn't quite render properly in my sample:
The spam is probably preying on the fact that most people have heard of MMS but very rarely use it. Attached is a file IMG0000008849902.zip which in turn contains a malicious executable IMG0000008849902.exe, this has a VirusTotal detection rate of just 2/50. Automated analysis tools are inconclusive [1] [2] as the sample appears to time out.
No comments:
Post a Comment