DHL International. Please get your parcel NR.2632

[michael]

Achtung Fake Mail mit Virus im Umlauf!

Anhang: DHL_Label_066f6.zip

Text:

Hello!

The courier company was not able to deliver your parcel by your address.
Cause: Error in shipping address.

You may pickup the parcel at our post office personaly.

Please attention!
The shipping label is attached to this e-mail.
Print this label to get this package at our post office.


Please do not reply to this e-mail, it is an unmonitored mailbox!


Thank you,
DHL Global Forwarding Services.

[netmaster]

Was macht denn der Virus, ausser einen zur Post zu schicken?

[michael]

Es halndelt sich um den Trojaner TrojanDownloader:Win32/Bredolab.X der laut Microsoft eine Datei namens zqosys32.exe übers Netz nachzieht.

Disables system settings
TrojanDownloader:Win32/Bredolab.X attempts to disable HIPS (Host-based Intrusion Prevention System) monitoring.

Downloads other malware
TrojanDownloader:Win32/Bredolab.X attempts to connect to a remote server to report that it has infected the system and to download other malware. It has been observed contacting a remote host at IP '78.109.29.116' for this purpose, from which it downloaded variants of Win32/Momibot and Win32/Waledac malware.

Quelle: http://www.microsoft.com/security/po...2%2FBredolab.X