New trojan variant Served Via Fake USPS Postal Notification

Sponsored Links
MX Lab researchers have intercepted a new trojan distribution campaign by email regarding the delivery issues of a parcel forwarded by USPS.

The email is send from the spoofed address “USPS Mail Service <mail.service@birmingham.com>” and has the following body:

Postal notification,

We couldn’t deliver your parcel.

Reason Fee isn’t paid.
LOCATION:Worcester
STATUS OF YOUR PARCEL: not delivered
SERVICE: Express Shipping
ITEM NUMBER:U642955251 NU
INSURANCE: No

Postal label is enclosed to the letter.
Print your label and show it in the nearest post office of USPS

Information in brief:
If the parcel isn’t received within 30 working days our company will have the right to claim compensation from you for it’s keeping in the amount of $16.41 for each day of keeping of it.

You can find the information about the procedure and conditions of parcels keeping in the nearest office.

Thank you.
USPS Customer Services.
The attached ZIP file has the name Label_Details_USPS_Tracking_ID36920.zip and contains the 61 kB large file USPS_Print_Label.exe.

The trojan is known as Suspicious file (Panda).

At the time of writing, only 1 of the 42 AV engines did detect the trojan at Virus Total.
Category:

Share this with Your friends:


About Author

, founder of E Hacking News, an Information Security enthusiast who has more interest in PenTesting and Malware analysis. You can find him on Google+ Profile , Twitter and Facebook.