And here comes the Boston bombing spam
You don’t want to go there…
Screenshot of sample email
Network traffic at URL – there is YouTube content, but that’s not all – check out the other content being pulled from techpourri.com, and the highlighted EXE
Antivirus tests make it clear that something is not right with that EXE, which during tests was seen to use an old MSN Butterfly logo – if I recall correctly, they stopped using that logo back in late 2009.
So let’s just take a quick look at what the installer does:
(Note: tmp.exe is later deleted)