Author

Topic: [MALICIOUS] BTC-E Passport (email) (Read 1257 times)

legendary
Activity: 1008
Merit: 1000
Making money since I was in the womb! @emc2whale
March 11, 2014, 12:32:28 PM
#3
Thanks for keeping an eye out for us.

+10
legendary
Activity: 1050
Merit: 1004
March 11, 2014, 12:31:12 PM
#2
BTC-E isn't based in Tokyo...
sr. member
Activity: 490
Merit: 250
March 11, 2014, 12:07:16 PM
#1


This slipped through my gmail spam filter this morning.  Just thought I'd post a screenshot so a newer member doesn't download the malicious attachment.  In terms of fake emails, this one is above average because they managed to fake the SMTP headers.

The attachment is a file called Document(03-2014).rar

After unraring, the contents are Document passport data - Realsed (2014-03).jar (yeah....not running that)

VirusTotal Analysis:

https://www.virustotal.com/en/file/17eaec30da2f752073f068a2d1c840087bc91f53570b4c13ec526da2ae98ddcd/analysis/1394557261/

Antivirus    Result   
Comodo    UnclassifiedMalware   
ESET-NOD32    a variant of Java/Adwind.G
TrendMicro    JAVA_OZNEB.B
TrendMicro-HouseCall    TROJ_GEN.F47V0311

So, as I guessed from the beginning, the .jar file is malicious haha

Hope this post helped someone out.
Jump to: