DHL Print Label – MALWARE
I recently received the following email:
Hello! The courier company was not able to deliver your parcel by your address. Cause: Error in shipping address. You may pickup the parcel at our post office personaly! Please attention! The shipping label is attached to this e-mail. Print this label to get this package at our post office. Please do not reply to this e-mail, it is an unmonitored mailbox. Thank you, DHL Global Forwarding Services.
The email has an attachment, DHL_print_label_cef3e.zip. Do not open or run this file, as it contains malware.
ThreatExpert behavioral analysis:
http://www.threatexpert.com/report.aspx?md5=8960322225b6a842bad87a285f028f5f
Anubis behavioral analysis:
http://anubis.iseclab.org/?action=result&task_id=1eddf69e4a1adce8441a785cef6c52879
See the Web of Trust (WOT) and MalwareURL reports for mmsfoundsystem .ru, a domain to which this malware phones home, and a related domain:
http://www.mywot.com/en/scorecard/mmsfoundsystem.ru
http://www.malwareurl.com/listing.php?domain=mmsfoundsystem.ru
http://www.mywot.com/en/scorecard/mmmserver.ru
http://www.malwareurl.com/listing.php?domain=mmmserver.ru
- 3Monkeys
November 26th, 2011 at 5:37 pm
I do trust all of the ideas you’ve presented to your post. They’re really convincing and will certainly work. Still, the posts are very short for starters. Could you please lengthen them a bit from next time? Thanks for the post.
December 5th, 2011 at 2:25 am
This kind of genuinely clarified our difficulty, thanks!
January 19th, 2012 at 7:42 pm
Are you a lawyer?