Select Page

Last night, I got this targeted Better Business Bureau spam:

Bbbspam32148812438888

It’s targeted, like a similar one we saw in the past.

However, in the previous version, a document was attached, that used an embedded OLE in an RTF document. You had to actually go through some hoops to get infected.

This one is different. It points you to a website called “document-repository(dot)com”, which pushes you into downloading a file, Complaint_Details_363619942.doc2.exe.

Documentrepository123888123

Documentrepository223888123

The file, of course, is a trojan (Sunbelt Sandbox report here). Submitting the file to VirusTotal shows mediocre detection.

Alex Eckelberry