Zipped Trojan in email attachment leads to further infection

Here is the proof you should never open attachments from anyone you don’t know or don’t trust: TrendLabs discovered spam emails professing to be from LSM Company, regarding a “Contract of Settlements”, that hold a .zip attachment with a Trojan.

The attachment is supposedly the contract in question, but you can’t see that it holds an .exe file because you are unable to scan it – it is protected by a password. To create an illusion of legitimacy, you are given the password in the email.

Not satisfied with infecting your computer with the Trojan (TROJ_FAKEALE.JH) in the attachment, after executing it you get connected to a website where you contract another: TROJ_FAKEAV.BQN.

Don't miss