[MALICIOUS] BTC-E Passport (email)

Bitcoin Forum

May 14, 2024, 04:37:19 PM

Welcome, Guest. Please login or register.

News: Latest Bitcoin Core release: 27.0 [Torrent]

Home

Help

Bitcoin Forum > Economy > Trading Discussion > Scam Accusations > [MALICIOUS] BTC-E Passport (email)

Warning: One or more bitcointalk.org users have reported that they strongly believe that the creator of this topic is a scammer. (Login to see the detailed trust ratings.) While the bitcointalk.org administration does not verify such claims, you should proceed with extreme caution.

Pages: [1]

« previous topic next topic »

Author

Topic: [MALICIOUS] BTC-E Passport (email) (Read 1231 times)

dddbtc (OP)

Sr. Member

Offline

Activity: 490
Merit: 250

[MALICIOUS] BTC-E Passport (email)

March 11, 2014, 05:07:16 PM

This slipped through my gmail spam filter this morning. Just thought I'd post a screenshot so a newer member doesn't download the malicious attachment. In terms of fake emails, this one is above average because they managed to fake the SMTP headers.

The attachment is a file called Document(03-2014).rar

After unraring, the contents are Document passport data - Realsed (2014-03).jar (yeah....not running that)

VirusTotal Analysis:

https://www.virustotal.com/en/file/17eaec30da2f752073f068a2d1c840087bc91f53570b4c13ec526da2ae98ddcd/analysis/1394557261/

Antivirus    Result
Comodo    UnclassifiedMalware
ESET-NOD32    a variant of Java/Adwind.G
TrendMicro    JAVA_OZNEB.B
TrendMicro-HouseCall    TROJ_GEN.F47V0311

So, as I guessed from the beginning, the .jar file is malicious haha

Hope this post helped someone out.