Wednesday, 28 January 2015

Wysłane z mojego iPhone przez Tapatalk foto

Wysłane z mojego iPhone przez Tapatalk malware:

Headers:
Subject: Wysłane z mojego iPhone
Message body:
foto
Wysłane z mojego iPhone przez Tapatalk

Attached to the email is a ZIP file:
5ugshabe_foto_jpeg.zip

On the Windows machine, Inside the zip, is Windows executable (Note the dual extension)
5ugshabe_foto_jpeg.exe

Md5 Hashes:
0c4e3c7b93184122864ea65755732a3e [1]

Malware Information:

VirusTotal Report [1] (hits 1/57 Virus Scanners)

Malwr Report [1]

Summary:

  • The binary likely contains encrypted or compressed data.
  • Executed a process and injected code into it, probably while unpacking
  • Installs itself for autorun at Windows startup

Hybrid Analysis Report [1]

Cheers,

Steve
Sanesecurity.com

No comments: