IPB

Welcome Guest ( Log In | Register )

 
Closed TopicStart new topic
> Fedex Virus - or not a virus
rocky500
post 6.12.2011 15:25
Post #1


Member
**

Group: Members
Posts: 20
Joined: 9.04.2008
From: Australia




Just recieved an email that looks like it comes from Fedex.
------------------------------------------------
Subject: FedEx Delivery Error No|27318

Main Body text:
"This is a post notification,
Your parcel has arrived at the post office on December 2.
Our Driver was unable to deliver the parcel to your address.
Please print out the invoice copy attached and collect the package at our office.
Thank you for your attention,
FedEx Logistics Services."

------------------------------------------------
Now this has an attachment "FedEx_invoice.zip"
Inside the zip is a file "FedEx_invoice.exe"

I know this is not a real email and doing a search on the net points this to a virus in 2009 on one site.
Now I scanned the file with Kaspersky and all is ok. Scanned with Malwarebytes & superantispyware and they don't find anything.
Now I ran the file by right clicking and selecting saferun, kaspersky pops up quite a few messages about Malicious URL's being blocked. 4 of them.

Is this a new type Virus or mailware to that goes to sites and does something?. Anyone else get this?
Or is this just spam?

This post has been edited by rocky500: 6.12.2011 15:26
Go to the top of the page
 
+Quote Post
mdas
post 6.12.2011 15:47
Post #2


Member
**

Group: Members
Posts: 14
Joined: 27.11.2011
From: india




Yes Fedex is a virus.For more information you can check this link :- http://www.fedex.com/bz/fraud/virusalert.html (The original company message to all the users)

edit: del quote.

This post has been edited by richbuff: 7.12.2011 03:37
Go to the top of the page
 
+Quote Post
rocky500
post 6.12.2011 16:01
Post #3


Member
**

Group: Members
Posts: 20
Joined: 9.04.2008
From: Australia




My email provider marked this as spam. (iinet Australia) I do have AV turned on from iinet and it came through to me, meaning it thinks its not a virus either.

Its just that KIS2012 does not think there is any funny business in the attachment.
It scans and says its ok.
Some sort of riskware, trojan dowloader not detected by AV's?

This post has been edited by rocky500: 6.12.2011 16:03
Go to the top of the page
 
+Quote Post
Baz^^
post 6.12.2011 16:16
Post #4


Wrestling Champion
**************

Group: Moderators
Posts: 8799
Joined: 10.03.2007




Hi,

Please submit the file to the viruslab:

http://forum.kaspersky.com/index.php?showtopic=13881


--------------------
Kind Regards,

Baz (volunteer moderator/beta testing lead -- I don't work for Kaspersky
)
Go to the top of the page
 
+Quote Post
rocky500
post 6.12.2011 16:26
Post #5


Member
**

Group: Members
Posts: 20
Joined: 9.04.2008
From: Australia




Thanks for that.
I think I have sent it, maybe twice.
Followed instructions and zip was in quarantine.
Right clicked "send for analysis..."
Nothing seems to happen, no notification it has been sent. Did it twice. I hope it went to them.

FOUND IT. My email program came up behind the browser to send as an attachment in an email. Doh!

This post has been edited by rocky500: 6.12.2011 16:38
Go to the top of the page
 
+Quote Post
rocky500
post 7.12.2011 15:35
Post #6


Member
**

Group: Members
Posts: 20
Joined: 9.04.2008
From: Australia




Kaspersky just poped up a detection of the file now.
trojan.Win32.yakes.kxs

Thanks Kaspersky, that was quick.
Go to the top of the page
 
+Quote Post
rocky500
post 14.12.2011 16:49
Post #7


Member
**

Group: Members
Posts: 20
Joined: 9.04.2008
From: Australia




Just got another virus from a fake "Fed Ex" email.
I do not get hardly any virus's sent to me. So to have 2 in a week is very unusual.
This time Kaspersky got it as soon as it arrived.
Trojan.Win32.Jorik.MokesLoader.em
Go to the top of the page
 
+Quote Post

Closed TopicStart new topic

 



Lo-Fi Version Time is now: 24.04.2014 17:00