# Tags

Fake “Windows XP Recovery” tool.

We analyzed the malicious email below. As usual, it pretends to be from DHL Inc. The email has a zip file attachment that contains malware. On extracting the zip file, the user gets an executable file whose icon looks like a PDF file. If this file gets executed it runs […]

Malware family “Chepvil” leads to rogueware “XP Anti-Virus 2011”.

One malware family after another tries to panic users into installing a fake security application. Now it is the Chepvil malware, which comes via email as an attachment. The email is shown below. The attachment comes with the names doc.zip, details.zip, document.zip. On extracting it, the user gets an executable file with a PDF file icon. If user […]

Fake Microsoft Security Essentials

We have analyzed a few rogue security programs that display fake Microsoft Security Essentials threat alerts. When certain programs are launched, this FakeAV program displays a fake Security Essentials alert dialog. If the user closes this dialog box, it also terminates the program that it reports as a threat. It claims as threat to the […]

Scam Emails.

Yesterday my friend showed me some emails. I found the scam emails below. ************************************************************ Subject: From:Mrs. Jessica Marie Ortler To: undisclosed@[xxxxxx].com Hello My name is Mrs. Jessica Marie Ortler. I am a dying woman who had decided to donate what I have to you. I am 59 years old and was diagnosed for cancer about 2 […]

United States Postal Email Spreads Rogueware

This email appears to be from the United States Postal Service, but it is spam. A user can receive such an email, as shown below. The email has a malicious file attached in zip format. The file comes with a Microsoft xls file icon. If the user runs the file, it asks for […]

Trojan “Oficla” pushes Rogueware “Antimalware Doctor”

We analyzed a suspicious email in our security lab; the email is shown below. The email has an attachment: a zip archive that contains a variant of the Oficla trojan. The trojan has a Microsoft Word file icon. Upon execution, it downloads the script file below: https://ilovelasvegas.ru/web/St/bb.php?v=200&id=881716830&b=23avgust&tm=72 The script contains the string shown below: “[info]runurl:https://91.204.48.46/kasuli.exe|taskid:39|delay:15|upd:0|backurls:[/info]” […]

Microsoft released Updates for LNK file Vulnerability

Microsoft has released updates to resolve the vulnerability that is discussed in Security Advisory 2286198 and is being exploited. More information regarding the vulnerability can be found at the links below: https://www.microsoft.com/technet/security/advisory/2286198.mspx https://blogarchive.quickheal.com/index.php?/archives/166-CVE-2010-2568-LNK-file-automatically-executes-code-in-Control-Panel-shortcuts.html https://blogarchive.quickheal.com/index.php?/archives/167-StuxNet,-CVE-2010-2568-misconceptions-and-facts.html The patch that resolves the vulnerability has been released and is available for download at the link below: https://www.microsoft.com/technet/security/bulletin/ms10-046.mspx We recommend […]

Drooptroop leads to rogueware Security Master AV

A variant of the Trojan family Drooptroop leads to infection with rogueware named Security Master AV. It redirects Google results to a fake online scanner link. It displays fake threat messages and asks the user to download or run the rogueware setup. QuickHeal detects the setup file as TrojanDownloader.FraudLoad.gxv and the rogueware is detected as […]