Chinese Internet Security Response Team (GMT +0800)

Spams about Internet Explorer 7.0 Beta

[Post on : May 5, 2007 18:59 | Category : Trojan | by : smallmo] Reship : Original

We have received numerous spam messages about Internet Explorer 7.0 Beta. These messages masquerade as coming from Microsoft, and a file named "update.exe" will be downloaded. It is a trojan downloader. Please be careful.

The spam looks like the following:
Quotation
From: admin@microsoft.com
Subject: Internet Explorer 7.0 Beta
Body: (a picture of Internet Explorer 7.0 Beta)


Quotation
From: Admin@windows.com
Subject: "Internet Explorer 7.0 Beta" download.
Body: (a picture of Internet Explorer 7.0 Beta)



If the recipient clicks this picture, "update.exe" will be downloaded. So far we have received lots of different URLs for it.


The file size is 4,608 bytes and its MD5 hash is dd2afa3c001def1d3c68ea39f280c05a. Kaspersky detects it as Trojan-Downloader.Win32.Agent.bjo.
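The lure described above (a sender claiming microsoft.com or windows.com, the IE 7.0 Beta subject, and a picture that links to an .exe) can be flagged during mail triage. The following is an added example, not part of the original post; the names `triage` and `ImageLinkFinder` and the sample messages (lure.example, news.example) are constructed for illustration.

```python
import email
from email import policy
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Sender domains and subject phrase come from the two spam samples quoted above.
CLAIMED_DOMAINS = {"microsoft.com", "windows.com"}
SUBJECT_PHRASE = "internet explorer 7.0 beta"

class ImageLinkFinder(HTMLParser):
    """Collect the href of every <a> element that wraps an <img>."""
    def __init__(self):
        super().__init__()
        self.open_href = None
        self.image_links = []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.open_href = dict(attrs).get("href")
        elif tag == "img" and self.open_href:
            self.image_links.append(self.open_href)
    def handle_endtag(self, tag):
        if tag == "a":
            self.open_href = None

def triage(raw_message):
    """Return the reasons a message matches the lure (empty list: no match)."""
    msg = email.message_from_string(raw_message, policy=policy.default)
    reasons = []
    domain = parseaddr(str(msg.get("From", "")))[1].rpartition("@")[2].lower()
    if domain in CLAIMED_DOMAINS:
        reasons.append("sender claims " + domain)
    if SUBJECT_PHRASE in str(msg.get("Subject", "")).lower():
        reasons.append("subject names the fake beta")
    body = msg.get_body(preferencelist=("html",))
    if body is not None:
        finder = ImageLinkFinder()
        finder.feed(body.get_content())
        for href in finder.image_links:
            if urlparse(href).path.lower().endswith(".exe"):
                reasons.append("picture links to executable: " + href)
    return reasons

# Constructed sample messages; lure.example and news.example are placeholders.
HEAD = 'MIME-Version: 1.0\nContent-Type: text/html; charset="us-ascii"\n\n'
SAMPLE_LURE = ("From: admin@microsoft.com\nSubject: Internet Explorer 7.0 Beta\n"
               + HEAD + '<a href="http://lure.example/x/update.exe"><img src="ie7.jpg"></a>\n')
SAMPLE_BENIGN = ("From: news@news.example\nSubject: Weekly digest\n"
                 + HEAD + '<a href="http://news.example/issue.html"><img src="logo.png"></a>\n')
```

The sender-domain match alone also fires on genuine mail from those domains, so treat it as one signal next to the picture-to-executable link rather than a verdict.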





Last modified by smallmo on May 5, 2007 22:39