Your Order No 835448 - Broadcast Music, Inc.

Discussion in 'malware problems & news' started by Triple Helix, Apr 28, 2011.

Thread Status:
Not open for further replies.
  1. Triple Helix

    Triple Helix Webroot Product Advisor

    Joined:
    Nov 20, 2004
    Posts:
    12,012
    Location:
    Ontario, Canada
    New Infected Attachment email going around! VT shows 17/42 ATM.

    TH

    Capture28-04-2011-10.48.01 AM.jpg
     
  2. Triple Helix

    Triple Helix Webroot Product Advisor

    Joined:
    Nov 20, 2004
    Posts:
    12,012
    Location:
    Ontario, Canada
    VT now up-to 21/42.

    TH
     
  3. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    Please, post the MD5 so everyone who are interested in the VT results can find them. :)
     
  4. ParadigmShift

    ParadigmShift Registered Member

    Joined:
    Aug 7, 2008
    Posts:
    203
    Hello TH,

    I've seen many of these emails, some worded differently with the same named attachment file. The .exe files inside the .zip are repacked so AV can't recognize them. I have been uploading these 'order details.zip' attachments from different users everyday to VT and the scan results always vary.
     
  5. Triple Helix

    Triple Helix Webroot Product Advisor

    Joined:
    Nov 20, 2004
    Posts:
    12,012
    Location:
    Ontario, Canada
    TrojanDownloader:Win32/Chepvil


    MD5 : 8bbe06c80abf148cd1f09cacb95b7ae5
    SHA1 : ceafda42abf38ccc474666da3d6b991237bccce6
    SHA256: 8aaa75fedd91b7bcb18ad6da08e7d40d5b10f74341bc679c2f4db96a1dce232e

    TH
     
    Last edited: Apr 28, 2011
  6. Triple Helix

    Triple Helix Webroot Product Advisor

    Joined:
    Nov 20, 2004
    Posts:
    12,012
    Location:
    Ontario, Canada
    I get them all the time as my ISP email is associated with Yahoo! But I have not seen this before Broadcast Music, Inc.

    TH
     
    Last edited: Apr 28, 2011
  7. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    Personally I never get this type of emails to my ISP email.
    But my Hotmail account is a different story there they get in every now and then.

    And thanks for the MD5 TH :)
     
Loading...
Thread Status:
Not open for further replies.