Date: Mon, 27 Jan 2014 19:37:11 +0300 [11:37:11 EST]
From: Administrator [docs1@victimdomain.com]
Subject: Skype Missed voice message
Skype system:
You have received a voice mail message.
Date 01/27/2014
Message length is 00:01:18.
Attached to the email message is an archive file Skype-message.zip which in turn contains a malicious executable Voice_Mail_Message.exe which has a VirusTotal detection rate of 13/49. Malwr reports that the malware calls home to rockthecasbah.eu on 64.50.166.122 (LunarPages, US). This server has been compromised before and I recommend you block traffic to it.
2 comments:
I got blitzed by this this afternoon (1530GMT); the Voice_Mail_Message.exe looks familiar.. has it been used in previous campaigns?
@Ron, yes there have been similar campaigns before (example) but I haven't seen Skype mentioned as the lure previously.
Post a Comment