Analysis by: Cedrick Ramos

An email posing as a notification of a possible account compromise carries an attachment that is detected as DRIDEX malware. To convince users to open the attachment, it tells recipients that the attachment contains further details of unusual account behavior. Opening the attachment executes the DRIDEX macro malware, detected as W2KM_DRIDEX.YVD. This malware then downloads an information-stealing malware, detected as TSPY_DRIDEX.YVD, which further compromises the affected system.

Trend Micro product users are protected from this spam and from the execution of the malware attached to it. We highly recommend not opening email attachments unless they come from an expected sender.

 Spam blocking date/time: May 24, 2016 22:34:00 GMT-8
 TMASE
  • TMASE engine (global): 8.0
  • TMASE pattern (global): 2344