Fake Anti-Virus Spam

This morning we detected another malspam campaign this time focusing on delivering the rouge anti-virus application XP AntiVirus 2008. This particular application has been used numerous times before as the malspam payload to infect users and has been seen in some of the CNN alerts, MSNBC, IE 7.0 attack, etc. The idea here is to trick users into executing the setup application that when subsequently installed will prompt the user with popups informing them they need to upgrade to the professional version by providing fake information concerning threats found.

File size: 187904 bytes
MD5…: 1b5d201be2f98b55b160e53ffc25f984
SHA1..: 1cd25f2906147536ab2901f20c85cfea25b67c0d
SHA256: af881a4dabb768d42ce40e44aa4903c25d3b9bc2d548fcb81f3ef225ee962a01
SHA512: a7c9497584017b5219d23fab7e6aebf99229c4f3a678a865647280afdcab94d5
e1dbd3a700e47c26d413c6c20f6f48a6d3f95a2956a0a23ac6bf7a6d34d8d45d
Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: