United Parcel Service email scam (Malware)
I will use this thread to upload the latest malware that is being distributed via the United Parcel Service email scam. I have an email account set up that receives these almost daily so I will post the malware attached to those emails here in this thread.
------------------------------------------------------------------------------------------------------------------------------------------------------
[quote]United Parcel Service notification #15151370
...
From:
United Parcel Service <info44balug@ups.com>
...
UPS_tracking_number.zip (6KB)
Dear customer.
The parcel was sent your home address.
And it will arrive within 3 business day.
More information and the tracking number are attached in document below.
Thank you.
© 1994-2011 United Parcel Service of America, Inc.[/quote]
[attachment=8625:UPS_trac...g_number.zip]
MD5: 20bce13e437b66ec86d2c2d7b98f410f
EntryPoint: 0x13c7
FileSize: 18 kB
[b][color="red"]6[/b][/color]/43
[url="http://www.virustotal.com/file-scan/report.html?id=a75e12399ad1c76fd39ebe4e1b2f904d14725857282c9348097c4519805c6355-1301359701"]http://www.virustotal.com/file-scan/report...6355-1301359701[/url]
------------------------------------------------------------------------------------------------------------------------------------------------------
[quote]United Parcel Service notification #15151370
...
From:
United Parcel Service <info44balug@ups.com>
...
UPS_tracking_number.zip (6KB)
Dear customer.
The parcel was sent your home address.
And it will arrive within 3 business day.
More information and the tracking number are attached in document below.
Thank you.
© 1994-2011 United Parcel Service of America, Inc.[/quote]
[attachment=8625:UPS_trac...g_number.zip]
MD5: 20bce13e437b66ec86d2c2d7b98f410f
EntryPoint: 0x13c7
FileSize: 18 kB
[b][color="red"]6[/b][/color]/43
[url="http://www.virustotal.com/file-scan/report.html?id=a75e12399ad1c76fd39ebe4e1b2f904d14725857282c9348097c4519805c6355-1301359701"]http://www.virustotal.com/file-scan/report...6355-1301359701[/url]
0
-
Glad that this forum has been resurrected!
Can I make a suggestion? For the moment, it could be better to email samples to research@lavasoft.com. That mailbox is monitored and samples are sent to our processing system automatically. Just zip the sample and password protect it with the password [b]infected[/b] first.
If that doesn't work for you, just upload here and we'll grab them manually for the time being.
I'm making plans for a more sophisticated sample uploading system where you can upload samples either anonymously or by logging in so you can track your samples. This system is currently in the discussion/investigation phase, so if you have any opinions or suggestions, now would be a good time to voice them.
Andy
Lavasoft Malware Labs0 -
Thanks Andy,
That is one of the reasons that I like posting here, because I get a reply that the samples have actually been dealt with. I have been using the upload site to submit them too, but once I do there is no confirmation that you have received them or done anything to them.0 -
Hi SpySentinel,
That's fair enough. Its great that you're uploading samples, so do whatever works best for you.
Andy0 -
Thanks Andy /smile.png' class='bbc_emoticon' alt=':)' /> 0
Please sign in to leave a comment.
Comments
4 comments