Internet threat level: 1
Home→Blog→Virus Watch→June 28 2007→A green grin
A green grin
Earlier today we intercepted a number of mailings with a new Warezov downloader. The good news is that it's already detected as Email-Worm.Win32.Warezov.pk, which we added to our database two days ago.
What's interesting about the mails is that along with the usual executable (which in this case is called "access.exe") the messages have a couple of PDFs attached.
The PDFs, which are otherwise harmless, contain alleged financial transactions. Here's an example:
If you get tricked by these and get to run the executable, it will contact kitinjderunhadsun.com and download another executable from there. This second exe is 91095 bytes in size, and we detect it as Email-Worm.Win32.Warezov.iq.
We detected the first version of Warezov almost one year ago and after all this time, the gang behind these worms is still roaming free. I'm really looking forward to the day they get caught.
Comments
Analysis
Blog
Alerts
© 1997-2013 Kaspersky Lab ZAO. All Rights Reserved.
Industry-leading Antivirus Software.
Registered trademarks and service marks are the property of their respective owners.
The authors' opinions do not necessarily reflect the official positions of Kaspersky Lab.