A Collaborative News Blog

Online Homes Buy is a Collaborative News Blog for Blogger. Post here and get a quality backlinks, increase your pagerank instantly
 

Beware everyone, New Michael.Jackson.videos.scr Virus Spreading

[FRESH – JUNE 26, 2009] A new spammers starting to exploit attention-grabbing headlines of recent celebrity deaths. Sophos described one such message, with the subject "Confidential===Michael Jackson", in their blog posting. Today we’re starting to see reports of these messages directing individuals to websites that distribute malicious software.

The spam email appears to offer a link to a YouTube video, but instead sends the recipient to a Trojan Downloader hosted on a compromised Web site. The file offered is called Michael.Jackson.videos.scr (MD5: 664cb28ef710e35dc5b7539eb633abca). This file is located on a legitimate Web site hosted in Australia belonging to a radio broadcasting station. Upon executing the file, a legitimate Web site at http://musica.uol.com.br/ultnot/2009/06/25/michael-jackson.jhtm is opened by the default browser in order to distract the user by presenting a news article for them to read.

In the background, three further information-stealing components are downloaded and installed by the malware. One of the downloaded files is called michael.gif, which has low AV detection rates – see VT results here. The malware then installs a malicious BHO that is registered with this file %windir%\Dynamic.dll and this GUID {FCADDC14-BD46-408A-9842-CDBE1C6D37EB}. Another component is bound to startup at %windir%\system32\kproces.exe. Another malicious file installed by the malware is %windir%\system32\fotos.exe.

Translation of the email is as follows: 

Screenshot of the malicious spam:

Screenshot of the malicious file masquerading as a video:

Virus Identity:

  • General Name : Michael.Jackson.videos.scr
  • File size: 28672 bytes

Although this virus categorized as low thread, but you shouldn’t click that. You’re warned already


Popularity: 5% [?]

Further reading here...


About Admin

Blogging and, especially Wordpress lover. He can tweak small wordpress code to meet any need. Not a designer, though. Interested in programming world. He loves PHP and Visual Basic. You can argue, but I think, wordpress platform is the best blog platform today. Website | Email


Comments (5)    Posted in Antivirus, Manual Removal    

Subscribe RSS 2.0 feed. Leave a response, or Trackback from your own site.

5 Responses to 'Beware everyone, New Michael.Jackson.videos.scr Virus Spreading'

  1. Aswani - June 27th, 2009 at 1:24 pm

    Hello, thank you so much for sharing this info :)

  2. wallpaper - June 27th, 2009 at 7:52 pm

    share you some great wallpapers http://www.uwall.net/

  3. dede - June 28th, 2009 at 12:08 am

    Really good site, i learn more form here, thanks for sharing…

    Learn to blog with Dede Onlne Weblog and get Free Recipe

  4. Chezzny - December 14th, 2009 at 11:43 pm

    Michael Jackson would always be the best popstar ever. i love all his songs and his live concerts.
    *

  5. Jonathan - December 31st, 2009 at 2:45 pm

    Michael Jackson is truly the King of Pop. He made a lot of great songs in the area of Pop Music. His death is a great loss to the music industry.

Leave a Reply


Don’t Miss a Thing, Subscribe Here
Onlinehomesbuy Feedburner


My Stats


Promote Your Site Here

A Collaborative News Blog - Blogged


My Alexa Rank

Page Rank

Chat with Me

  • Partner links