Today I got a mail containing a malware from [email protected] The sender’s address is forged and this is kind of Email Spoofing. Email contains a description about malwares and encourages the receiver to install a file called Anti-Vir.rar.
Recently during one of my analysis of URLs from urlquery, I came up with a URL ending in: /ie8910.html. The link, after being opened, returns an index with the following code: As it can be seen from the “ip-blocked-by-firefox” Google Safe Browsing is already blocking the address, though there is no active service on port 8080 while there’s one running […]
UIC’s [Quick Analysis] blog posts are a fast way to share some information and/or samples which are under our microscope. About “Flash_update.exe” During my daily malware hunting I came across a sample reported by clean-mx at the following address: http://support.clean-mx.de/clean-mx/viruses.php?id=14808464 We have an executable named “Flash_update.exe” with (at the moment of writing) a low detection […]