The now discovered variant spreads via email attachments posing as faxes or contain a message from an undelivered package and Upatre downloader. This downloader downloads the weather Dyre Trojan on the system, which installs a worm on the computer. The worm uses Microsoft Outlook on the computer to send infected e-mails with Upatre downloader. In addition, the malware does not use the address book of the victim, as it was done by many worms in the past. After the messages are sent, the worm deletes itself again, as reports of anti-virus company Trend Micro.
Hashes:
f50c87669b476feb35a5963d44527a214041cc2e – TROJ_UPATRE.SMBG
5250d75aaa81095512c5160a8e14f941e2022ece – TSPY_DYRE.YYP
9860d5162150ea2ff38c0793cc272295adf1e19a – WORM_MAILSPAM.XDP
No comments:
Post a Comment