Mittwoch, 18. Dezember 2013

UPS Delivery Notification Tracking Number

UPS Delivery Notification Tracking Number
enthält schädlichen email-Anhang mit einer doc-Datei

Package delivery confirmation invoice XCBMXDI508XCBMXDI866
Thank you,
United Parcel Service
*** This is an automatically generated email, please do not reply ***
© 2013 United Parcel Service. UPS

The attached ZIP file has the name invoiceU6GCMXGLL2O0N7QYDZ.doc and is 277 kB large file.

Furthermore, the tracking number in the email has an embedded URL that leads to a host where the malicious .doc can be downloaded from: hxxp://

The trojan is known as EXP/CVE-2012-0158.AQ.1, Exploit.CVE-2012-0158.Gen, Exploit.CVE-2012-0158.Gen (B),, Troj/DocDrop-AT, Trojan.Mdropper or TROJ_GEN.F47V1105.