Threat Encyclopedia

Coffee Served Hot With Cream and Malware!

ANALYSIS BY

Mark Christian Aquino


Social engineering arrives with coffee in this spammed message. The message purports to come from the coffee chain Starbucks and entices the recipient to open the email by saying that it is a gift from a friend. The supposed gift is to be opened from the attachment, which turns out to be an executable file that Trend Micro detects as malware.

On closer inspection of the message, the From field shows various email addresses and does not show the message as coming from the coffee company. The attached file, named Starbucks Coffee Company gift details on 12.04.2014.exe, is actually a ZBOT variant that we detect as TSPY_ZBOT.YYJR. It then drops a NECURS variant detected as RTKT_NECURS.BGSG. The NECURS malware is notorious for its final payload of disabling computers’ security features, which puts computers at serious risk of further infection.
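The two indicators described above (a brand named in the message but an unrelated sender domain, and an executable attachment) can be checked at a mail gateway or during triage. The following is an added example, not Trend Micro's detection logic; the brand domain list, the extension list, the function names and the sample sender address are assumptions made for illustration.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage
from email.utils import parseaddr

# Assumed values for illustration; not Trend Micro's detection rules.
BRAND = "starbucks"
BRAND_DOMAINS = {"starbucks.com"}          # assumed legitimate sender domain
EXECUTABLE_EXTS = (".exe", ".scr", ".pif", ".com")

def triage(raw: bytes) -> list:
    """Return the reasons a message resembles the lure described above."""
    msg = message_from_bytes(raw, policy=policy.default)
    reasons = []
    display, addr = parseaddr(str(msg.get("From", "")))
    domain = addr.rpartition("@")[2].lower()
    claimed = f"{display} {msg.get('Subject', '')}".lower()
    trusted = any(domain == d or domain.endswith("." + d) for d in BRAND_DOMAINS)
    # Brand named in display name or subject, but sent from an unrelated domain.
    if BRAND in claimed and not trusted:
        reasons.append("brand-mismatch:" + domain)
    # Executable delivered as the "gift"; compare on the final extension only.
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        if name.strip().lower().endswith(EXECUTABLE_EXTS):
            reasons.append("executable-attachment:" + name)
    return reasons

def build_sample(sender: str, filename: str) -> bytes:
    """Constructed test message; the attachment body is inert placeholder text."""
    m = EmailMessage()
    m["From"] = sender
    m["To"] = "user@example.org"
    m["Subject"] = "A friend sent you a Starbucks gift"
    m.set_content("Gift details are in the attachment.")
    m.add_attachment(b"constructed placeholder, not malware",
                     maintype="application", subtype="octet-stream",
                     filename=filename)
    return m.as_bytes()

if __name__ == "__main__":
    lure = build_sample("Starbucks Coffee <gifts@mail.example.net>",
                        "Starbucks Coffee Company gift details on 12.04.2014.exe")
    print(triage(lure))
```

Checking only the final extension also catches double-extension names such as `gift.pdf.exe`.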

All the spammed messages and their variants, along with their embedded URLs and malware, are detected and blocked by the Trend Micro™ Smart Protection Network™.

SPAM BLOCKING DATE / TIME: 09 Apr 2014 10:00:00 PM GMT-8
TMASE INFO

  • ENGINE:7.5
  • PATTERN:0622
