HURST
July 3rd, 2008, 05:20 PM
Today I decided to browse my Spam folder on Gmail.
There where several emails with links to videos. Some said "You where caught on tape" and others offered porn streaming (links to a porntube page).
The common factor is that all of them had a hidden link to a video1.exe.
I downloaded the sample. VirusTotal shows 7/33 detections.
I uploaded the sample to CW sandbox, I don't have the log right now, but the file did create an exe on system32 folder and a run entry on the registry for that file, and several dll injections.
So, be carefull on what you click on!
There where several emails with links to videos. Some said "You where caught on tape" and others offered porn streaming (links to a porntube page).
The common factor is that all of them had a hidden link to a video1.exe.
I downloaded the sample. VirusTotal shows 7/33 detections.
I uploaded the sample to CW sandbox, I don't have the log right now, but the file did create an exe on system32 folder and a run entry on the registry for that file, and several dll injections.
So, be carefull on what you click on!