Sign in to follow this  
Followers 0
SpySentinel

United Parcel Service email scam (Malware)

By SpySentinel, in Malware Uploads

Recommended Posts

SpySentinel    30

SpySentinel
Posted
I will use this thread to upload the latest malware that is being distributed via the United Parcel Service email scam. I have an email account set up that receives these almost daily so I will post the malware attached to those emails here in this thread.

------------------------------------------------------------------------------------------------------------------------------------------------------


[quote]United Parcel Service notification #15151370
...
From:
United Parcel Service <[email protected]>
...
UPS_tracking_number.zip (6KB)


Dear customer.

The parcel was sent your home address.
And it will arrive within 3 business day.

More information and the tracking number are attached in document below.

Thank you.
© 1994-2011 United Parcel Service of America, Inc.[/quote]



[attachment=8625:UPS_trac...g_number.zip]

MD5: 20bce13e437b66ec86d2c2d7b98f410f
EntryPoint: 0x13c7
FileSize: 18 kB

[b][color="red"]6[/b][/color]/43
[url="http://www.virustotal.com/file-scan/report.html?id=a75e12399ad1c76fd39ebe4e1b2f904d14725857282c9348097c4519805c6355-1301359701"]http://www.virustotal.com/file-scan/report...6355-1301359701[/url]

Share this post

Link to post
Share on other sites

LS.Andy    79

LS.Andy
Posted
Glad that this forum has been resurrected!

Can I make a suggestion? For the moment, it could be better to email samples to [email protected] That mailbox is monitored and samples are sent to our processing system automatically. Just zip the sample and password protect it with the password [b]infected[/b] first.

If that doesn't work for you, just upload here and we'll grab them manually for the time being.

I'm making plans for a more sophisticated sample uploading system where you can upload samples either anonymously or by logging in so you can track your samples. This system is currently in the discussion/investigation phase, so if you have any opinions or suggestions, now would be a good time to voice them.

Andy
Lavasoft Malware Labs

Share this post

Link to post
Share on other sites

SpySentinel    30

SpySentinel
Posted
Thanks Andy,

That is one of the reasons that I like posting here, because I get a reply that the samples have actually been dealt with. I have been using the upload site to submit them too, but once I do there is no confirmation that you have received them or done anything to them.

Share this post

Link to post
Share on other sites

LS.Andy    79

LS.Andy
Posted
Hi SpySentinel,

That's fair enough. Its great that you're uploading samples, so do whatever works best for you.

Andy

Share this post

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Sign in to follow this  
Followers 0
Go To Topic Listing