UPS Malware attachments.

From last few days we have seen a significant increase in the activity related to spam E-mail messages. One of cause of rise is due to malware being heavily distributed by emails as an attachment. The package delivery mails have increased.

The email claims itsels to be from UPS or Postal Expres courier service companies and inform users about delivery failure of postal package.

The message instructs the user to open the attached file. The attachment may contain following files.

Invoice_Copy.zip
Post_Express_Label.zip
UPS.zip

when the zip file extracted the user will get a exe file with an icon of a word document.
When you open the exe file, it will probably installs a Trojan and may download other malwares too.

We have observed that all the infected emails comes with below subject lines:

UPS Delivery Problem NR56378
UPS INVOICE NR9094991
Post Express Service. Get the parcel NR 45556
Post Express Delivery. You need to get a parcel NR 70536

If you come across such E-mails do not open the attachment. Instead delete them and keep your Antivirus updated.
Quick Heal detects the malicious attached file as TrojanDownloader.Dofoil.d

Thanks Santosh for the analysis report.

Ranjeet Menon

Ranjeet Menon


No Comments, Be The First!

Your email address will not be published.

CAPTCHA Image