The Latest in IT Security

FedEx Spam Mail Leads To Install Fake AV..

17
Aug
2011

A new spam mail pretending to be arriving from FedEx being spammed in the wild. This spam mail includes subject about “FedEX Notifications”.
The mail is having an attachment, the mail ask the user to extract the attachment which having a document, contains the details about the dilevery.

On extraction of the attachment, the user get a malicious exe file, which having a PDF file icon.

If the user executes the malicious executable inside the zip attachment, it performs the following activity:
Creates the process SVCHOST.EXE and injects its code.
Downloads the fake tool file from the url “http://6X.9X.116.16”.

After download get finished, it installs FakeAV application. Once installed it will show a Fake System Repair Alert as seen below:

Quick Heal detects the attachment and installed Fake AV file and protect it’s users.
We strongly recommend the users not to open such attachments from the unknown emails.

Leave a reply


Categories

TUESDAY, OCTOBER 27, 2020
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments