Description
Cisco Security Intelligence Operations has detected significant activity related to spam e-mail messages that claim to contain an unspecified message for the recipient. The e-mail message instructs the recipient to open the .zip attachment to view the details. However, the .zip attachment contains a malicious .scr file that, when executed, attempts to infect the system with malicious code.
E-mail messages that are related to this threat (RuleID5152) may contain the following files:
TT slip.zip
TT slip.jpg.scr
The TT Copy.scr file in the TT Copy.zip attachment has a file size of 360,448 bytes. The MD5 checksum, which is a unique identifier of the executable, is the following string: 0xCD4E3ABEEA92923302E82C36FB70B54A
The following text is a sample of the e-mail message that is associated with this threat outbreak:
Subject: ac9bf4cc60817c093a76fb385e3931b6
Source: Cisco