Author Topic: Spam Attachments  (Read 5287 times)

0 Members and 1 Guest are viewing this topic.

October 15, 2013, 03:48:44 pm
Read 5287 times

berzerke

  • Newbie

  • Offline
  • *

  • 2
First post. I do use your lists and would like to give back. If there's a better way to post the info below, I'm listening. Anyway...

Got a spam attachment (https://www.virustotal.com/en/file/b2b5f9ea3202520e4a1c75b2500dc200cda9158034d83bd98963ac93e4681aff/analysis/). When run, it connects, via UDP, port 443 to
   mtfsl.com  184.22.215.50.

October 16, 2013, 03:32:00 pm
Reply #1

berzerke

  • Newbie

  • Offline
  • *

  • 2
Another sample, this time it looks like a Zeus dropper. Virus total: https://www.virustotal.com/en/file/1835957467ab7a2660b3aafa1b9c616a0682323ba1e52912ea1d48ed092cb5b0/analysis/

This, after sleeping for several minutes, connects to zombies7.in 182.18.150.53