Sorry guys, by the time I got back into work Trend has updated and I can not touch the file without it being scanned and quarantined.
Virus/Malware: TROJ_UPATRE.UMO Endpoint: W7250813242H51 Domain: Imcu.local\ File: C:\Users\davidm\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Outlook\DJ2VTIRG\F44907162.zip (F44907162.exe) Date/Time: 10/23/2014 21:47:09 Result: Quarantine From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On Behalf Of Micheal Espinola Jr Sent: Thursday, October 23, 2014 8:04 PM To: ntsysadm Subject: Re: [NTSysADM] RE: Email virus Much appreciated! -- Espi On Thu, Oct 23, 2014 at 4:59 PM, David McSpadden <dav...@imcu.com<mailto:dav...@imcu.com>> wrote: I'll get you a copy shortly. Sent from my iPhone On Oct 23, 2014, at 7:00 PM, Micheal Espinola Jr <michealespin...@gmail.com<mailto:michealespin...@gmail.com>> wrote: I'd be interested in a link to an upload to https://www.virustotal.com/. I'd love to see who is catching this and who is not. -- Espi On Thu, Oct 23, 2014 at 3:40 PM, Ed Ziots <eziot...@gmail.com<mailto:eziot...@gmail.com>> wrote: Care to send a sample so I can look from a malware analysis prespective. Ed On Oct 23, 2014 12:14 PM, "Michael B. Smith" <mich...@smithcons.com<mailto:mich...@smithcons.com>> wrote: It's very widespread at 2 of my large clients. From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> [mailto:listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com>] On Behalf Of David McSpadden Sent: Thursday, October 23, 2014 11:26 AM To: 'ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>'; Patch Management Mailing List (patchmanagem...@listserv.patchmanagement.org<mailto:patchmanagem...@listserv.patchmanagement.org>) Subject: [NTSysADM] Email virus Getting a hit on RE: daily report It is attached with a .zip. Anyone else seeing this? This e-mail and any files transmitted with it are property of Indiana Members Credit Union, are confidential, and are intended solely for the use of the individual or entity to whom this e-mail is addressed. If you are not one of the named recipient(s) or otherwise have reason to believe that you have received this message in error, please notify the sender and delete this message immediately from your computer. Any other use, retention, dissemination, forwarding, printing, or copying of this email is strictly prohibited. Please consider the environment before printing this email. This e-mail and any files transmitted with it are property of Indiana Members Credit Union, are confidential, and are intended solely for the use of the individual or entity to whom this e-mail is addressed. If you are not one of the named recipient(s) or otherwise have reason to believe that you have received this message in error, please notify the sender and delete this message immediately from your computer. Any other use, retention, dissemination, forwarding, printing, or copying of this email is strictly prohibited. Please consider the environment before printing this email. This e-mail and any files transmitted with it are property of Indiana Members Credit Union, are confidential, and are intended solely for the use of the individual or entity to whom this e-mail is addressed. If you are not one of the named recipient(s) or otherwise have reason to believe that you have received this message in error, please notify the sender and delete this message immediately from your computer. Any other use, retention, dissemination, forwarding, printing, or copying of this email is strictly prohibited. Please consider the environment before printing this email.
