Another one from the current zbot runs, which try to drop malware on your computer. These are targeted at business users more than home users, although a home user who has their own web space and an email account from that hosting provider is also likely to be affected by this.
Current VirusTotal detections: 3/47 https://www.virustotal.com/en/file/8ff5f6c1e5b368c2e9de2a0d98364f9cae6560ba54874f55779b78a0f487745c/analysis/
MALWR Auto Analysis: https://malwr.com/analysis/MmRjZDMzZDI0MjgyNGRjZjk5ODAwYWVhNzI0MGJiMzU/
The saving grace with this particular run of emails containing malware is that they use an overlong file name in an attempt to fool or bypass antivirus detections. Hopefully many users will have a long enough user name, or a default downloads folder with a long enough name, that it will stop WinZip and other tools from unzipping this malware.
All of these emails use social engineering tricks to persuade you to open the attachments that come with the email. It might be a message saying “look at this picture of me I took last night” that appears to come from a friend, or it might be more targeted at somebody who is likely to regularly receive PDF attachments, Word .doc attachments or any other common file that you use every day. Be very careful when unzipping them, make sure you have “show known file extensions” enabled, and then look carefully at the unzipped file. If it says .EXE then it is a problem and should not be run or opened.
This one is a password stealer designed to steal logins and passwords from your browser and from FTP clients on the computer.
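The checks described above (an .EXE hiding in the archive, an overlong file name) can be made without unzipping anything. The following is an added example, not part of the original post: the extension lists, the 150-character threshold and the names `triage_zip` and `build_zip` are assumptions chosen for illustration, and the sample archive is constructed from harmless text.

```python
import io
import zipfile
from pathlib import PurePosixPath

# Assumed, non-exhaustive lists chosen for this example.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd"}
DECOY_EXTS = {".pdf", ".doc", ".docx", ".xls", ".jpg", ".png", ".txt"}
LONG_NAME = 150  # assumed threshold for an "overlong" entry name


def triage_zip(data, long_name=LONG_NAME):
    """Flag suspicious entries by name only; nothing is extracted or run."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            name = PurePosixPath(info.filename.replace("\\", "/")).name
            # Windows ignores trailing spaces and dots in file names.
            parts = PurePosixPath(name.rstrip(" .")).suffixes
            exts = [p.strip().lower() for p in parts]
            flags = []
            if exts and exts[-1] in EXECUTABLE_EXTS:
                flags.append("executable")
                if len(exts) > 1 and exts[-2] in DECOY_EXTS:
                    flags.append("double-extension")
            if len(name) >= long_name:
                flags.append("overlong-name")
            if flags:
                findings.append((name, flags))
    return findings


def build_zip(names):
    """Build an in-memory zip of harmless text entries (constructed sample)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for n in names:
            zf.writestr(n, "placeholder text, not a real program")
    return buf.getvalue()


if __name__ == "__main__":
    sample = build_zip(["readme.txt", "Invoice_" + "0" * 180 + ".pdf.exe"])
    for name, flags in triage_zip(sample):
        print(f"{name[:40]}... -> {', '.join(flags)}")
```

Any entry this flags should be treated the same way as a visible .EXE: not run or opened.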