Sorry guys, by the time I got back into work Trend has updated and I can not touch the file without it being scanned and quarantined.
Virus/Malware: TROJ_UPATRE.UMO Endpoint: W7250813242H51 Domain: Imcu.local\ File: C:\Users\davidm\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Outlook\DJ2VTIRG\F44907162.zip (F44907162.exe) Date/Time: 10/23/2014 21:47:09 Result: Quarantine From: [email protected] [mailto:[email protected]] On Behalf Of Micheal Espinola Jr Sent: Thursday, October 23, 2014 8:04 PM To: ntsysadm Subject: Re: [NTSysADM] RE: Email virus Much appreciated! -- Espi On Thu, Oct 23, 2014 at 4:59 PM, David McSpadden <[email protected]<mailto:[email protected]>> wrote: I'll get you a copy shortly. Sent from my iPhone On Oct 23, 2014, at 7:00 PM, Micheal Espinola Jr <[email protected]<mailto:[email protected]>> wrote: I'd be interested in a link to an upload to https://www.virustotal.com/. I'd love to see who is catching this and who is not. -- Espi On Thu, Oct 23, 2014 at 3:40 PM, Ed Ziots <[email protected]<mailto:[email protected]>> wrote: Care to send a sample so I can look from a malware analysis prespective. Ed On Oct 23, 2014 12:14 PM, "Michael B. Smith" <[email protected]<mailto:[email protected]>> wrote: It's very widespread at 2 of my large clients. From: [email protected]<mailto:[email protected]> [mailto:[email protected]<mailto:[email protected]>] On Behalf Of David McSpadden Sent: Thursday, October 23, 2014 11:26 AM To: '[email protected]<mailto:[email protected]>'; Patch Management Mailing List ([email protected]<mailto:[email protected]>) Subject: [NTSysADM] Email virus Getting a hit on RE: daily report It is attached with a .zip. Anyone else seeing this? This e-mail and any files transmitted with it are property of Indiana Members Credit Union, are confidential, and are intended solely for the use of the individual or entity to whom this e-mail is addressed. If you are not one of the named recipient(s) or otherwise have reason to believe that you have received this message in error, please notify the sender and delete this message immediately from your computer. Any other use, retention, dissemination, forwarding, printing, or copying of this email is strictly prohibited. Please consider the environment before printing this email. This e-mail and any files transmitted with it are property of Indiana Members Credit Union, are confidential, and are intended solely for the use of the individual or entity to whom this e-mail is addressed. If you are not one of the named recipient(s) or otherwise have reason to believe that you have received this message in error, please notify the sender and delete this message immediately from your computer. Any other use, retention, dissemination, forwarding, printing, or copying of this email is strictly prohibited. Please consider the environment before printing this email. This e-mail and any files transmitted with it are property of Indiana Members Credit Union, are confidential, and are intended solely for the use of the individual or entity to whom this e-mail is addressed. If you are not one of the named recipient(s) or otherwise have reason to believe that you have received this message in error, please notify the sender and delete this message immediately from your computer. Any other use, retention, dissemination, forwarding, printing, or copying of this email is strictly prohibited. Please consider the environment before printing this email.
