The Latest in IT Security

Fake “Windows XP Recovery” tool.


We have analyzed below malicious email. As usual it pretends to be from DHL Inc.

As we can see this email has a zip file attachment which contains a malware.
On extraction of this zip file user gets an executable file which has icon like a pdf file.

If this file gets executed it runs a script file from url “http://9X.6X.9.15/f/g.php”
and downloads the fake tool file from the url “http://6X.9X.116.16/pusk3.exe”

After downloaded file is executed on the affected machine and it works as a fake “Windows XP Recovery” tool.
It hides all the items which are presents on the users desktop. It displays frequently a fake “Hard Drive Failure”
error message. The fake tool is as shown below:

Quickheal detects the malware file as “TrojanDownloader.Dapato.dt” so users are already gets protected.
We recommends the users not to open such attachments from the unknown emails.

Leave a reply


FRIDAY, JULY 23, 2021

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...



Latest Comments