The Latest in IT Security

FedEx Scam Spreading Rogueware!

31
Oct
2011


Today we received a mail which pretended as if it has come from FedEx as below.

As seen from the image, the attachment is actually an UPX packed executable file which looks like an invoice document.

After execution of the binary, it dropped copy of itself and also created registry key as shown below.

[Image 2]

The file and registry key names are created as if they are genuine ones.

In addition we also noticed that it tried connecting to suspicious links.

Finally the Rogueware named System Restore got installed.

We suggest all users to stay away from such emails.

If you are infected with such Rogueware, we recommend you to scan the system using below tool.
Remove System Restore Rogueware

Related posts:
  1. FedEx Spam Mail Leads To Install Fake AV..
  2. Gift of Trojan.Smoaler Delivered Through Fake FedEx Emails
  3. Rougeware through Fake FedEx email
  4. Beware of Fake FedEx Tracking Report Notification.
  5. New IM Trojan Spreading Via Yahoo Messenger and Facebook

Tags:  
Written by Quick Heal Weblog
0 Comments

Leave a reply


Categories

SUNDAY, FEBRUARY 23, 2025
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments