Viral sample (July 31 / 2014) via spam link


=========
Received: from JQWRACL ([199.72.177.146])
Subject: voice message from 485-733-3944 for mailbox 098

You have received a voice mail message from 485-733-3944
Message length is 00:00:39. Message size is 232 KB.

Download your voicemail message from dropbox service (Google Disk Drive
Inc.):

https://goo.gl/DAHFeB
==========

Link decodes as:

http://espressomachinesinfo. com/wp-includes/images/Document-83265.zip

Which unzips as:  Document-83265.scr

Which was last analyzed by virustotal 20 minutes ago (by someone else)
and which was detected by only 1 out of 54 anti-virus programs:

 Sophos       Mal/Generic-S

https://www.virustotal.com/en/file/d78d1eb260d67f214a8bb7df81cfd91bbb488d0e6da4c4e5f5cbe963d956a811/analysis/
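The delivery chain in this post ends in a zip whose only member is a Windows screensaver executable named like a document, and signature scanning missed it almost entirely. As an added example (not part of the original post), here is a mail- or proxy-side check that flags executable members inside a zip by name alone; the extension list, the lure-word list and the sample archive are assumptions constructed for illustration.

```python
import io
import zipfile
from pathlib import PurePosixPath

# Extensions Windows will run directly; .scr (screensaver) is a PE executable.
EXECUTABLE_EXTS = {".scr", ".exe", ".com", ".pif", ".bat", ".cmd", ".js", ".vbs"}
# Words suggesting the lure promised a document or media file (assumed list).
LURE_WORDS = ("document", "invoice", "voicemail", "message", "fax")


def audit_zip(data: bytes) -> list[dict]:
    """Return one finding per archive member whose final extension is executable."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            # Normalise separators so nested paths do not hide the file name.
            name = PurePosixPath(info.filename.replace("\\", "/")).name
            suffixes = [s.lower() for s in PurePosixPath(name).suffixes]
            if not suffixes or suffixes[-1] not in EXECUTABLE_EXTS:
                continue
            findings.append({
                "member": info.filename,
                "ext": suffixes[-1],
                # More than one suffix, e.g. "scan.pdf.exe"
                "double_ext": len(suffixes) > 1,
                # Name claims to be a document or message
                "lure_name": any(w in name.lower() for w in LURE_WORDS),
            })
    return findings


def build_sample() -> bytes:
    """Constructed test archive: placeholder bytes only, no real executables."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("Document-83265.scr", b"placeholder, not a real PE file")
        zf.writestr("readme.txt", b"benign text member")
        zf.writestr("scan.pdf.exe", b"placeholder")
    return buf.getvalue()


if __name__ == "__main__":
    for finding in audit_zip(build_sample()):
        print(finding)
```

A name-based check like this does not depend on antivirus signatures, which is the gap the 1-of-54 detection result above illustrates.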
