Products & Services
Support

Product Categories


Popular Downloads


Manage Software

How to Buy

For Home

Linksys Products Store
Linksys is now part of Belkin
Products for everyone

All Ordering Options

Training & Events Partners
Guest

Threat Outbreak Alert

Threat Outbreak Alert: Fake United Parcel Service Shipment Error E-mail Messages on February 14, 2013

 
Threat Type:IntelliShield: Threat Outbreak Alert
IntelliShield ID:19743
Version:112
First Published:2010 January 20 16:17 GMT
Last Published:2013 February 14 21:00 GMT
Port: Not available
Urgency:Possible use
Credibility:Confirmed
Severity:Harassment
 
 
Version Summary:Cisco Security has detected significant activity on February 14, 2013.
 

Description
 
Cisco Security has detected significant activity related to spam e-mail messages that inform the recipient about the delivery failure of a United Parcel Service (UPS) shipment. The message instructs the recipient to print a label from the attached .zip or .scr file and collect the package from a UPS office. However, the .scr file and the .zip file contain a malicious .exe file that, if executed, attempts to infect the user's system with malicious code.

E-mail messages that are related to this threat (RuleID2577, RuleID2577KVR, RuleID2641, RuleID2641KVR, RuleID2837, RuleID2989, RuleID3020, RuleID2969KVR, RuleID3077, RuleID3127, RuleID3154, RuleID3154KVR, RuleID3159, RuleID3159 KVR, RuleID3212, RuleID3235KVR, RuleID3238, RuleID3261, RuleID3270, RuleID3270KVR, RuleID3291, RuleID3236, RuleID3236KVR, RuleID3370, RuleID3373, RuleID3381, RuleID3383, RuleID3383KVR, RuleID3190, RuleID3190KVR, and RuleID3606KVR) may contain any of the following files:

UPS_invoice _Nr97534.zip
UPS_invoice _Nr97534.exe
UPS_invoice_NR34587.zip
UPS_invoice_NR34587.exe
UPS_invoice copy_1479.zip
UPS_invoice copy_1479.exe
UPS_postal_document_897.zip
UPS_postal_document_797.exe
UPS_INVOICE_NR.9932-422225.zip
UPS_INVOICE_NR.9932-422225.DOC.exe
UPS_LABEL_Nr.SDO_9932-24522111.zip
UPS_LABEL_Nr.SDO_9932-24522111.DOC.exe
UPS_INV_NR.99392-322.zip
UPS_INV_NR.99392-322.DOC.exe

invoice_N1159768.zip
UPSInvoice.exe

UPS_INVOICE_06.2010.zip
UPS_INVOICE_06.2010.DOC.exe
UPSInvoiceEE340349C.zip
UPSInvoice_EE76121AC.exe
UPS_document_Nr1411q.zip
UPS_document_Nr1411q.exe
FEDEXInvoiceEE313918OP.zip
FEDEXInvoiceEE146545OP.zip
FedexInvoice_EE776129.exe
FEDEXInvoiceEE927687OP.zip
FEDEXDocEE538823OP.zip
Postal_Label_NR1147a.zip
Postal_Label_NR1147a.exe
YourInvoiceN886236OP.zip
FedEx_postal_label_Nr2181.zip
FedEx_postal_label_Nr2181.exe
Your_invoice_copy.zip
Your_invoice_copy.exe
FedEx_Label_Nr193F.zip
FedEx_Label_Nr193F.exe
FedEx_invoice.zip
FedEx_Invoice_#UK53106.zip
FedEx_invoice.exe
UPS_Document_NR3078.zip
UPS_Document.exe
Label_UPS_Nr11374.zip
UPS_Document_NR2656.zip
UPS_Document_NR8644.zip
UPS_Document.exe
UPS_Document_NR5579.zip
UPS_Document.exe
UPS_Label_NR8288.zip
UPS_Document.exe
UPS_Label_NR5593.zip
UPS_Document.exe
UPS_Document_Nr76860.zip
UPS_Document.exe
invoice4552937pdf.scr
USPS_document_Nr.92014.zip
USPS_document.exe
FedEX_Information_IDS4386.zip
FedEx_Information.exe
_invoice_vtr.scr
UPS_TRACKING_SNB-122010.zip
f559768e1c98386459b2fbf1aff45095_UPS_TRACKING_SNB-122010.exe
UPS_TR_MESSAGE-NBNM211210.zip
UPS_TR_MESSAGE-NBNM211210.exe
ups-prnt-tr-copy-tr2398123234.zip
u-tracking-copy-snb231210.exe
UPS-PRNT_COPY29122010.zip
UPS-PRNT_COPY29122010.exe
belling_pdf.exe
FeDex18250982134-Invoice-copy-02172011-9.zip
FeDex18250982134-Invoice-copy-02172011-9.exe
http-fiscalia-gov-co-listado-paginas-webs-fraudulentas-encolombia165479536516547xls.exe
ups-delivery-tracking-notification-pr51wktj6f89w75w.zip
ups-prt-copy-Invoice-3710398-74119628.exe
United-Parcel-Service_Delivery-Message-75506262457086642156.zip
United-Parcel-Service_Delivery-Message-75506262457086642156.exe
United-Parcel-Service_Delivery-Notification-045608084255372923989.zip
United-Parcel-Service_Delivery-Notification-045608084255372923989.exe
United-Parcel-Service_Delivery_Invoice-copy-24295420793746409759.zip
United-Parcel-Service_Delivery_Invoice-copy-24295420793746409759.exe
UPS-Tracking_Notification-032011-224j95q0g39270pt-56043504831336724653.zip
UPS-Tracking_Notification-032011-224j95q0g39270pt-56043504831336724653.exe
UPS_Delivery_Confirmation_Alert-121762709.zip
UPS-Delivery-Confirmation-Alert.exe
dhl-parcel_tracking-notice-message_08626498022718286470-dzIYKrdkUlfMJKewQMsj.zip
dhl-parcel_tracking-notice-message_08626498022718286470-dzIYKrdkUlfMJKewQMsj.exe
usps-delivery-tracking_notification_85375239159251008296.zip
USPS_parcel_delivery_message_prtcopy-90536378763593197770.zip
USPS_parcel_delivery_message_prtcopy-90536378763593197770.exe
US_Postal_Service-delivery-tracking-issue-96945919387006693_SvUOuYaaEGWjAp.zip
US_Postal_Service-delivery-tracking-issue-96945919387006693_SvUOuYaaEGWjAp.exe
UPS_TRACKING_NR_888278924.zip
UPS_TRACKING_NR_888278924.exe
Post_Express_Label_ID_05071.zip
Post_Express_Label_ID_43501.zip
Post_Express_Label.exe
UPS_TRACKING_NR88338345-DS.zip
UPS_TRACKING_NR88338345-DS.exe
UPS_Document.exe
UPS_Document.zip
UPS_document.zip
UPS_document.exe
parcel.zip
1.exe
parcels.zip
parcels.exe
upsparsel.zip
Postal_document_00966.zip
Attached_SecurityCode.exe
Postal_document_08704.zip
Postal_document_67419.zip
Postal_document#01478.zip
Postal_document.exe
Postal_document_03035.zip
Postal.Document.exe
debito-abril-maio.pdf.exe
id-23485.pdf.exe
Postal_Label_#06426.zip
Postal_Label_#52785.zip
Postal_Label_#79771.zip
Postal_Label_#69030.zip
Postal_Label_#23784.zip
Postal_Label_TN.65008.zip
Postal_Label_TN.93154.zip
Post_Label_#US9821.zip
Postal_Label.exe
transaction-report.pdf.exe
Postal_document_#22087.zip
Postal_document_#60677.zip
Postal_document_#46891.zip
Ups_TRNR5WU73476.zip
UPS_DE~1.EXE
UPS_id0Gr75142.zip
UPS_IN~1.EXE
MYUPS_id583Z170440759.zip
UPS_LE~1.EXE
UPS-prnt-label-tracking-delivery-notification-message-52952144115-071018753.zip
UPS-prnt-label-tracking-delivery-notification-message-52952144115-071018753.exe
comprovante.pdf.exe
UPS_NR440zZ2798357.zip
ups_TR9Lci5498.zip
ups_NR1oY97887517.zip
UPS_NR10e409316239.zip
MYUPS-ID038V67802430.zip
UPS_NO~1.EXE
Change_09152011_Z438.zip
Changelog_09292011.zip
CHANGE~1.EXE
IRS_09_26_25401.zip
IRSGOV~1.EXE
IRS_Letter_0927_24130.zip
IRS__0~1.EXE
Open_Invoices_09.28.2011_M461644.zip
OPEN_I~1.EXE
UPS_Delivery_Notification-44472949009467712741.zip
UPS-Delivery-Notification.exe
Post_Label#ID3909US.zip
Post_Label#ID6025US.zip
Post_Label_#US5358.zip
Post_Label_#US7452.zip
Post_Label_#0945US.zip
Post_Label_IN9250US.zip
Post_Label_IN6629US.zip
Post_Label_N4339US.zip
Post_Label_N0792US.zip
Post_Label_N1426US.zip
Post_Label_N1541US.zip
Post_Label.exe
UPS-DELIVERY-NOTIFICATION-MESSAGE-4822115641472376.zip
Delivery_Tracking_Notification-United_Parcel_Service-nov-2011.exe
UPS_Delivery_Notification-CZ6JN0S8E6W9KNR4HFB6C.zip
UPS_Delivery_Notification.exe
UPS-Billing-Invoice-Notification-581282736038560.zip
UPS-Billing_Notification-Details.exe
FedEx_Invoice_N572US.zip
FedEx_Invoice.exe
Post_Label_US#7156.zip
Post_Label.zip
documentos07.pdf.exe
boletovivosa.pdf.exe
Post_Label_N1912US.zip
Post_Label_N0759US.zip
Post_Label_US2853.zip
Post_Label_N1365US.zip
Boleto_PDF.exe
invoiceA451B1.JPG.exe
invoiceA46DB2.JPG.exe
invoice3887A.JPG.exe
UPS document.zip
UPS Document.exe

invoiceF242F1.JPG.exe
invoice3BE7EB.JPG.exe

UPS document.exe
rapport.pdf.exe
invoiceD4E87CA.JPG.exe

UPSDocument110331640275.zip
UPS Document PDF.exe

confirmation_pdf.exe
USPS report.zip
USPS report.exe
USPS report id475390873.zip
USPS report id475390873.exe


The UPS_invoice _Nr97534.exe file in the UPS_invoice _Nr97534.zip attachment has a file size of 67,584 bytes. The MD5 checksum, which is a unique identifier of the executable, is the following string: 0x28D798D6021E600101BA68E87345656

The UPS_invoice_NR34587.exe file in the UPS_invoice_NR34587.zip attachment has a file size of 41,984 bytes and an MD5 checksum with the following string: 0x29916B2F160333DB41F6B68AD05B8B02

The UPS_invoice copy_1479.exe file has a file size of 53,248 bytes and an MD5 checksum with the following string: 0x29916B2F160333DB41F6B68AD05B8B02

The UPS_postal_document_797.exe file has a file size of 48,128 bytes and an MD5 checksum with the following string: 0x7507AF9E3BD3D4CD20941342CB331551

The UPS_INVOICE_NR.9932-422225.DOC.exe file has a file size of 36,864 bytes and an MD5 checksum with the following string: 0xAEA6EC05A067BC7BF0535CF75BDE5102

The UPS_LABEL_Nr.SDO_9932-24522111.DOC.exe file has a file size of 35,840 bytes and an MD5 checksum with the following string: 0x9923C746E0F632144F446C6C8E0EE335

The UPS_INV_NR.99392-322.DOC.exe file has a file size of 54,784 bytes and an MD5 checksum with the following string: 0x3576E1CEB86253BB350BCB8BFEA58857

The UPSInvoice.exe file has a file size of 82,432 bytes and an MD5 checksum with the following string: 0x08FF8B9112C9AB8E001165CE85907FCD

The UPS_INVOICE_06.2010.DOC.exe file has a file size of 60,416 bytes and an MD5 checksum with the following string: 0x35B5EE9038D417E3136E373044F2D24B

The UPSInvoice_EE76121AC.exe file has a file size of 37,376 bytes and an MD5 checksum with the following string: 0x424D531F5DCB364C5B29BDCB5962C8F9

The UPS_document_Nr1411q.exe file has a file size of 35,840 bytes and an MD5 checksum with the following string: 0x3D9C8E173FE2D89F7410427A781F6F4F

The FedexInvoice_EE776129.exe file has a file size of 35,328 bytes and an MD5 checksum with the following string: 0xD4E2875127F5CBDF797DE7F1417F96A7

A variant of the FedexInvoice_EE776129.exe file could also have a file size of 35,328 bytes and an MD5 checksum with the following string: 0x2587D5DC4B18E652532E556AC26F2290

A third variant of the FedexInvoice_EE776129.exe file has a file size of 43,520 bytes and an MD5 checksum with the following string: 0x33EC9D5D5435E97A18EE8C21AA51A575

A fourth variant of the FedexInvoice_EE776129.exe file has a file size of 50,176 bytes and an MD5 checksum with the following string: 0xCE6DFE0C5AA2977B82C94C61914EF1B7

The Postal_Label_NR1147a.exe file has a file size of 38,400 bytes and an MD5 checksum with the following string: 0x8D3897485C608CDC0F9B13FD2C14A785

A fifth variant of the FedexInvoice_EE776129.exe file has a file size of 54,784 bytes and an MD5 checksum with the following string: 0x6AB5033813D1193FEBB2FBE0BDBAF07F

The FedEx_postal_label_Nr2181.exe file has a file size of 39,936 bytes and an MD5 checksum with the following string: 0xE202CE47A5CDD18C846D32E576FBAD51

The Your_invoice_copy.exe file has a file size of 31,744 bytes and an MD5 checksum with the following string: 0x556416B4FFE47082C333A49F673C42F6

The FedEx_Label_Nr193F.exe file has a file size of 30,720 bytes and an MD5 checksum with the following string: 0x753F83B060EEA9B4FD188000D9ED30AA

The FedEx_invoice.exe file has a file size of 32,256 bytes and an MD5 checksum with the following string: 0xC47C6753B119744324BE2D313E8F053E

The UPS_Document.exe file has a file size of 62,976 bytes and an MD5 checksum with the following string: 0x3BA5A6A3AB81446181C84DF0F39EEEB9

A variant of the UPS_Document.exe file in the Label_UPS_Nr11374.zip or UPS_Document_NR2656.zip attachment has a file size of 40,960 bytes. The MD5 checksum is the following string: 0xA4E94705777B7B92C207223DF66A4FB0

A second variant of the UPS_Document.exe file in the UPS_Document_NR8644.zip file has a file size of 62,976 bytes and an MD5 checksum with the following string: 0x3BA5A6A3AB81446181C84DF0F39EEEB9

A third variant of the UPS_Document.exe file in the UPS_Document_NR5579.zip file has a file size of 34,304 bytes and an MD5 checksum with the following string: 0xF3A9AA3596054E9C3EAEAC4C0A709A3C

A fourth variant of the UPS_Document.exe file in the UPS_Label_NR8288.zip file has a file size of 40,960 bytes and an MD5 checksum with the following string: 0x3B10182B0CAA1FB05ADA208119D68978

A fifth variant of the UPS_Document.exe file in the UPS_Label_NR5593.zip file has a file size of 40,960 bytes and an MD5 checksum with the following string: 0x3B10182B0CAA1FB05ADA208119D68978

A sixth variant of the UPS_Document.exe file in the UPS_Label_Nr76860.zip file has a file size of 81,408 bytes and an MD5 checksum with the following string: 0x69753776E8A6AC3579D3C06A4AC50F10

The invoice4552937pdf.scr file has a file size of 75,264 bytes and an MD5 checksum with the following string: 0xAD847DF23EC31102AA82BED0B03F2736

The USPS_document.exe file in the USPS_document_Nr.92014.zip attachment has a file size of 24,514 bytes.

The FedEx_Information.exe file in the FedEX_Information_IDS4386.zip attachment has a file size of 71,680 bytes and an MD5 checksum with the following string: 0x8F49B60FE2E49B7568C27DC588BC24C2

The _invoice_vtr.scr file has a file size of 155,136 bytes and an MD5 checksum with the following string 0xAC58C26612DEF1C451361001006ABBFD

The f559768e1c98386459b2fbf1aff45095_UPS_TRACKING_SNB-122010.exe file has a file size of 151,568 bytes. The MD5 checksum is the following string: 0xF559768E1C98386459B2FBF1AFF45095

The UPS_TR_MESSAGE-NBNM211210.exe file in the UPS_TR_MESSAGE-NBNM211210.zip attachment has a file size of 151,072 bytes and an MD5 checksum with the following string: 0x44B40E043A6C5D2A00601008437688A1

The u-tracking-copy-snb231210.exe file in the ups-prnt-tr-copy-tr2398123234.zip attachment has a file size of 152,064 bytes and an MD5 checksum with the following string: 0xB2A9A54E05C45E5F29D053224B779E

The UPS-PRNT_COPY29122010.exe file in the UPS-PRNT_COPY29122010.zip attachment has a file size of 159,744 bytes and an MD5 checksum with the following string: 0xB5583049CB1CE00BA9EDB2E0EC4A69B7

The belling_pdf.exe file has a file size of 135,168 bytes and an MD5 checksum with the following string: 0x3AA03E5407A6E19A41A219B784BF77B0

The FeDex18250982134-Invoice-copy-02172011-9.exe file in the FeDex18250982134-Invoice-copy-02172011-9.zip attachment has a file size of 120,320 bytes and an MD5 checksum with the following string: 0xB54B12BDD47A94AD2CD2761E0C318768

The http-fiscalia-gov-co-listado-paginas-webs-fraudulentas-encolombia165479536516547xls.exe file has a file size of 53,248 bytes and an MD5 checksum with the following string: 0xCF6D110B01FFD6F5D07B06EB58B95CE4

The ups-prt-copy-Invoice-3710398-74119628.exe file in the ups-delivery-tracking-notification-pr51wktj6f89w75w.zip attachment has a file size of 135,680 bytes and an MD5 checksum with the following string: 0xB859BAA419E3AB12B7FDE49C32922A76

The UPS-Tracking_Notification-032011-224j95q0g39270pt-56043504831336724653.exe file in the UPS-Tracking_Notification-032011-224j95q0g39270pt-56043504831336724653.zip attachment has a file size of 139,264 bytes and an MD5 checksum with the following string: 0xE5CFAE9BDEC97FECF1BC527A18098F17

The dhl-parcel_tracking-notice-message_08626498022718286470-dzIYKrdkUlfMJKewQMsj.exe file in the dhl-parcel_tracking-notice-message_08626498022718286470-dzIYKrdkUlfMJKewQMsj.zip attachment has a file size of 142,992 bytes and an MD5 checksum with the following string: 0xBF734F36BDEAD898BAF0464FF55FB961

The usps-delivery-tracking_notification_85375239159251008296.zip attachment has an approximate file size of 142,643 bytes.

The USPS_parcel_delivery_message_prtcopy-90536378763593197770.exe file in the USPS_parcel_delivery_message_prtcopy-90536378763593197770.zip attachment has a file size of 151,040 bytes and an MD5 checksum with the following string: 0x79FEE6888D422FC0176450A4B2865C5A

The US_Postal_Service-delivery-tracking-issue-96945919387006693_SvUOuYaaEGWjAp.exe file in the US_Postal_Service-delivery-tracking-issue-96945919387006693_SvUOuYaaEGWjAp.zip attachment has a file size of 150,016 bytes. The MD5 checksum is the following string: 0x9C282E81153050CA3117D698F2DD8279

The Post_Express_Label.exe file in the Post_Express_Label_ID_05071.zip attachment has a file size of 31,880 bytes and an MD5 checksum with the following string: 0xB97D666A3550F17ABCC15633F16C2DE1

The UPS_TRACKING_NR_888278924.exe file in the UPS_TRACKING_NR_888278924.zip attachment has a file size of 546,816 bytes. The MD5 checksum is the following string: 0x0B6620F5942F718BEDB876212016B82F

Another variant of the Post_Express_Label.exe file in the Post_Express_Label_ID_43501.zip attachment has a file size of 28,672 bytes and an MD5 checksum with the following string: 0x6AFA37AC8DC9D4A776C7ECFD637DA2B0

The UPS_TRACKING_NR88338345-DS.exe file in the UPS_TRACKING_NR88338345-DS.zip attachment has a file size of 546,816 bytes and an MD5 checksum with the following string: 0x7D493964192A708E97D1C90250504746

A seventh variant of the UPS_Document.exe file in the UPS_Document.zip file has a file size of 17,920 bytes and an MD5 checksum with the following string: 0xE4D6C0022EFB98D4883927D3887914EB

An eighth variant of the UPS_Document.exe file in the UPS_Document.zip file has a file size of 17,920 bytes and an MD5 checksum with the following string: 0x618F3343D77A6194E3A1730C6D6994F8

The UPS_document.exe file in the UPS_Document.zip file has a file size of 18,432 bytes and an MD5 checksum with the following string: 0x75062EEF8BE862050EDE454C6D2FC9C4

Another variant of the UPS_document.exe file in the UPS_Document.zip file has a file size of 18,432 bytes and an MD5 checksum with the following string: 0x70FA96A7909CAA78493DB8CBF4FCFF53

Another variant of the UPS_document.exe file in the UPS_Document.zip file has a file size of 18,432 bytes and an MD5 checksum with the following string: 0x10A4F716F78EE17EEE8D6158F46F216D

The 1.exe file in the parcel.zip file has a file size of 36,864 bytes and an MD5 checksum with the following string: 0xF5C693CB0BD6C69F523D543E1F9A8B77

The parcels.exe file in the parcel.zip file has a file size of 41,984 bytes and an MD5 checksum with the following string: 0x1F80ABE62CE7DE03C1C5D909A1AA5AFE

A variant of the 1.exe file in the upsparsel.zip file has a file size of 47,104 bytes and an MD5 checksum with the following string: 0x4EC1DA35BA1AEFDE27316281DE343A89

A fourth variant of the UPS_document.exe file in the UPS_Document.zip file has a file size of 18,944 bytes. The MD5 checksum is the following string: 0x2ABF670B5E6EBA3F60924128F5B3E050

A fifth variant of the UPS_document.exe file in the UPS_document.zip file has a file size of 18,944 bytes. The MD5 checksum is the following string: 0xF504954F85E1F71773DA5878B5EB0357

The Attached_SecurityCode.exe file in the Postal_document_00966.zip attachment has a file size of 20,992 bytes. The MD5 checksum is the following string: 0x15BC096E90F6223BD819B99814CFA865

The Postal_document.exe file in the Postal_document_08704.zip attachment has a file size of 20,992 bytes. The MD5 checksum is the following string: 0x5B609D36FBB1B99A6681A52C5E842BF8

Another variant of the 1.exe file has a file size of 46,080 bytes. The MD5 checksum is the following string: 0x62E4A5982AE44B90DF6EFE0E480EBC78

A variant of the Postal_document.exe file in the Postal_document_67419.zip attachment has a file size of 38,912 bytes. The MD5 checksum is the following string: 0x79F53B68ACECE2974AC865603BF68BCC

The Postal.Document.exe file in the Postal_document_03035.zip has a file size of 70,656 bytes. The MD5 checksum is the following string: 0xA35E48909A49334A7EBB5448A78DCFF9

The debito-abril-maio.pdf.exe file has a file size of 1,266,345 bytes. The MD5 checksum is the following string: 0x2A7526F84CB755FCFD0AF52EC990DC35

The id-23485.pdf.exe file has a file size of 45,056 bytes. The MD5 checksum is the following string: 0x5E27D125661E91796759B542C59240D3

The Postal_Label.exe file in the Postal_Label_#06426.zip attachment has a file size of 24,576 bytes. The MD5 checksum is the following string: 0x3CB142FC295C235C29B3AC2B6CBD0A1D

A variant of the Postal_Label.exe file in the Postal_Label_#52785.zip attachment has a file size of 26,112 bytes. The MD5 checksum is the following string: 0x45E5BC4114ED4A3773BA395A4A4BFCAF

A second variant of the Postal_Label.exe file in the Postal_Label_#79771.zip attachment has a file size of 26,112 bytes. The MD5 checksum is the following string: 0xFDE19A568796604D3BDD2266DF23139A

A third variant of the Postal_Label.exe file in the Postal_Label_#69030.zip attachment has a file size of 25,600 bytes. The MD5 checksum is the following string: 0x00196A9DD051B3EBB95B70941053D48A

The transaction-report.pdf.exe file has a file size of 171,008 bytes. The MD5 checksum is the following string: 0xEF3D45B93629D9B198A589F6E43B0A75

A second variant of the Postal_document.exe file in the Postal_document_#22087.zip attachment has a file size of 22,528 bytes. The MD5 checksum is the following string: 0xF83FC517B3AC4431D649F5027F810216

A third variant of the Postal_document.exe file in the Postal_document_#60677.zip attachment has a file size of 24,576 bytes. The MD5 checksum is the following string: 0x9B0BB7F1CE4E44CC13A39BDB01BBA930

A fourth variant of the Postal_document.exe file in the Postal_document_#46891.zip attachment has a file size of 24,576 bytes. The MD5 checksum is the following string: 0x79E6911C9F50F79A931EBF058AD99F64

A fifth variant of the Postal_document.exe file in the Postal_document#01478.zip attachment has a file size of 38,912 bytes. The MD5 checksum is the following string: 0x5C4E06C1C71C44BA04A41300C61F6114

The UPS_DE~1.EXE file in the Ups_TRNR5WU73476.zip attachment has a file size of 36,352 bytes. The MD5 checksum is the following string: 0xCF734A0C66928E78703169838F13B2A5

The UPS_IN~1.EXE file in the UPS_id0Gr75142.zip attachment has a file size of 40,448 bytes. The MD5 checksum is the following string: 0x20DA664D648AD62DD271CDA9597729AE

A sixth variant of the UPS_document.exe file in the UPS_document.zip file has a file size of 29,184 bytes. The MD5 checksum is the following string: 0xE3BE596460918C763E0015F590A867B8

The UPS_LE~1.EXE file in the MYUPS_id583Z170440759.zip attachment has a file size of 92,160 bytes. The MD5 checksum is the following string: 0xE8428807B107A582B8338807C726C283

The UPS-prnt-label-tracking-delivery-notification-message-52952144115-071018753.exe file in the UPS-prnt-label-tracking-delivery-notification-message-52952144115-071018753.zip attachment has a file size of 212,992 bytes. The MD5 checksum is the following string: 0x17DABAB8A6048D014E715487759CFD84

The comprovante.pdf.exe file has a file size of 658,432 bytes. The MD5 checksum is the following string: 0x8643845A4D94B275A153400A58360FDE

The UPS_NO~1.EXE file in the UPS_NR440zZ2798357.zip attachment has a file size of 46,080 bytes. The MD5 checksum is the following string: 0x59F3A3ADFCB0B59A07FB4AA127E5E193

A variant of the UPS_NO~1.EXE file in the ups_TR9Lci5498.zip attachment has a file size of 46,080 bytes. The MD5 checksum is the following string: 0x1D243A71E2ADC76C8FA9C9FF75D72DBA

The second variant of the UPS_NO~1.EXE file in the ups_NR1oY97887517.zip attachment has an approximate file size of 39,383 bytes. The MD5 checksum is the following string: 0x47f2b8fcc2873f4dfd573b0e8a77aaa9

A third variant of the UPS_NO~1.EXE file in the UPS_NR10e409316239.zip attachment has an approximate file size of 35,471 bytes.

The CHANGE~1.EXE file in the Change_09152011_Z438.zip attachment has a file size of 39,424 bytes. The MD5 checksum is the following string: 0x9AB4A63D538E576BC48262D1A12274A4

The IRSGOV~1.EXE file in the IRS_09_26_25401.zip attachment has a file size of 45,056 bytes. The MD5 checksum is the following string: 0x60B49B0132A5461BBC0B3AE6A17B2986

The IRS__0~1.EXE file in the IRS_Letter_0927_24130.zip attachment has a file size of 40,960 bytes. The MD5 checksum is the following string: 0x6EA1A22C80630630B8BF0B05B25BB704

The OPEN_I~1.EXE file in the Open_Invoices_09.28.2011_M461644.zip attachment has a file size of 38,912 bytes. The MD5 checksum is the following string: 0x463058B78BCD8490C750B8356F91CD7E

A variant of the CHANGE~1.EXE file in the Changelog_09292011.zip attachment has a file size of 38,912 bytes. The MD5 checksum is the following string: 0xE72D541CCE3AD786CD1FD1139881DDE7

A fourth variant of the Postal_Label.exe file in the Postal_Label_#23784.zip attachment has a file size of 36,352 bytes. The MD5 checksum is the following string: 0xBCDEED2572092CF80E4FDAF7275B3D83

A fifth variant of the Postal_Label.exe file in the Postal_Label_TN.65008.zip attachment has a file size of 33,280 bytes. The MD5 checksum is the following string: 0x0CC6DFF0C13830CA039A2FEE4D1E2D8E

A sixth variant of the Postal_Label.exe file in the Postal_Label_TN.93154.zip attachment has a file size of 34,304 bytes. The MD5 checksum is the following string: 0x92B5852F34CED30E503085BF9077F57A

A fourth variant of the UPS_NO~1.EXE file in the MYUPS-ID038V67802430.zip attachment has a file size of 49,664 bytes. The MD5 checksum is the following string: 0x43F8B1212D920368306AE930613D457D

The UPS-Delivery-Notification.exe file in the UPS_Delivery_Notification-44472949009467712741.zip attachment has a file size of 201,728 bytes. The MD5 checksum is the following string: 0xD675E061B07240D4AE55B54F23FD535E

The Post_Label.exe file in the UPost_Label#ID3909US.zip attachment has a file size of 52,224 bytes. The MD5 checksum is the following string: 0x9803DA2B287EF2530C171889EC4B82DA

A variant of the Post_Label.exe file in the Post_Label#ID6025US.zip attachment has a file size of 50,176 bytes. The MD5 checksum is the following string: 0xBE5051DD8A92E3AE1B6AC789AAD22361

The Delivery_Tracking_Notification-United_Parcel_Service-nov-2011.exe file in the UPS-DELIVERY-NOTIFICATION-MESSAGE-4822115641472376.zip attachment has a file size of 199,168 bytes. The MD5 checksum is the following string: 0x716DD791EA0FC257CEC5DDCB738F0B10

A third variant of the Post_Label.exe file in the Post_Label_#US5358.zip attachment has a file size of 53,248 bytes. The MD5 checksum is the following string: 0x086F152284CEDF9FBBB5A7D1EBE84418

A fourth variant of the Post_Label.exe file in the Post_Label_#US7452.zip attachment has a file size of 51,712 bytes. The MD5 checksum is the following string: 0xF968837852BD8EA297E1AF1213D5AA4F

The UPS_Delivery_Notification.exe file in the UPS_Delivery_Notification-CZ6JN0S8E6W9KNR4HFB6C.zip attachment has a file size of 196,096 bytes. The MD5 checksum is the following string: 0x46305B3579FA316567E01FE027B3A766

The UPS-Delivery-Confirmation-Alert.exe file in the UPS_Delivery_Confirmation_Alert-121762709.zip attachment has an unknown file size. The MD5 checksum, which is a unique identifier of the executable, is the following string: 0x4e31204d400071d96272e88a5331fa4a

A variant of the FedEx_Invoice.exe file in the FedEx_Invoice_#UK53106.zip attachment has a file size of 51,200 bytes. The MD5 checksum is the following string: 0x933A7A3A45693AC3DA4DC70FDBD97E24

A fifth variant of the Post_Label.exe file in the Post_Label_#US9821.zip attachment has a file size of 53,248 bytes. The MD5 checksum is the following string: 0xF5DACB815717572A213F939DAC547B8B

The UPS-Billing_Notification-Details.exe file in the UPS-Billing-Invoice-Notification-581282736038560.zip attachment has a file size of 185,856 bytes. The MD5 checksum is the following string: 0xAB4046D0855AC7EAE979261C2A6EFD8E

The FedEx_Invoice.exe file in the FedEx_Invoice_N572US.zip attachment has a file size of 50,176 bytes. The MD5 checksum is the following string: 0x932C579A9ACD3FE20E2C909652622BBA

A sixth variant of the Post_Label.exe file in the Post_Label_US#7156.zip attachment has a file size of 54,864 bytes. The MD5 checksum is the following string: 0x432D60EAD7840A53EF3774138A5F1E39

A seventh variant of the Post_Label.exe file in the Post_Label.zip attachment has a file size of 52,816 bytes. The MD5 checksum is the following string: 0x8CFBE96C682ECACDDC346BCEBC87DA83

An eighth variant of the Post_Label.exe file in the Post_Label.zip attachment has a file size of 52,816 bytes. The MD5 checksum is the following string: 0x8CFBE96C682ECACDDC346BCEBC87DA83

The documentos07.pdf.exe file has a file size of 11,65,312 bytes. The MD5 checksum is the following string: 0xF8ECE0E9C92FC127B1B40E36DC9DBB1E

A ninth variant of the Post_Label.exe file in the Post_Label.zip attachment has an approximate file size of 36,352 bytes. The MD5 checksum is not available.

A tenth variant of the Post_Label.exe file in the Post_Label.zip attachment has a file size of 40,960 bytes. The MD5 checksum is the following string: 0xACE44CA074C1815237EC0CBE9FFC37D3

The boletovivosa.pdf.exe file has a file size of 12,375,04 bytes. The MD5 checksum is the following string: 0x31600291DCB2ED9512888B68EAA163BE

An eleventh variant of the Post_Label.exe file in the Post_Label_#0945US.zip attachment has an approximate file size of 42,956 bytes. The MD5 checksum is not available.

A twelfth variant of the Post_Label.exe file in the Post_Label_N1912US.zip attachment has an approximate file size of 49,664 bytes. The MD5 checksum is the following string: 0xB1342CF472AC75063686EE8509A343ED

A thirteenth variant of the Post_Label.exe file in the Post_Label_N0759US.zip attachment has an approximate file size of 51,200 bytes. The MD5 checksum is the following string: 0xAFF5D864C1B4DA70E082E7CC9FF46CB9

A fourteenth variant of the Post_Label.exe file in the Post_Label_US2853.zip attachment has an approximate file size of 49,152 bytes. The MD5 checksum is the following string: 0x8B5968CB7B519BD02E458B2B657DCDA7

A fifteenth variant of the Post_Label.exe file in the Post_Label_N1365US.zip attachment has an approximate file size of 51,200 bytes. The MD5 checksum is the following string: 0xF3BC911560ECCBAFD4253B94F96D4FE6

A sixteenth variant of the Post_Label.exe file in the Post_Label_IN9250US.zip attachment has a file size of 44,032 bytes. The MD5 checksum is the following string: 0xA8593D7AE6C6F012124556074E387A9B

A seventeenth variant of the Post_Label.exe file in the Post_Label_IN6629US.zip attachment has a file size of 45,568 bytes. The MD5 checksum is the following string: 0x37894CB0B0C419C2D57F2CB6E32A59AD

An eighteenth variant of the Post_Label.exe file in the Post_Label_N4339US.zip attachment has a file size of 47,616 bytes. The MD5 checksum is the following string: 0x33B07D23F3E4F811F9AA203ADF09D898

The Boleto_PDF.exe file has a file size of 32,768 bytes. The MD5 checksum is the following string: 0x2E3007D600E9211E1BE3F8AD8D176E31

A nineteenth variant of the Post_Label.exe file in the Post_Label_N0792US.zip attachment has a file size of 45,568 bytes. The MD5 checksum is the following string: 0x941C2C3BA5EA97DDF12CC7BF7CE60623

A twentieth variant of the Post_Label.exe file in the Post_Label_N1426US.zip attachment has a file size of 46,592 bytes. The MD5 checksum is the following string: 0x56206B4186CEA2DA10DB906C4244B5CA

A twenty-first variant of the Post_Label.exe file in the Post_Label_N1541US.zip attachment has a file size of 45,568 bytes. The MD5 checksum is the following string: 0x6E9666893F5E7646DA7FE498C86E55A9

The invoiceA451B1.JPG.exe file has a file size of 202,320 bytes. The MD5 checksum is the following string: 0xBC4D2211C947026AFF9FBCD2E530589E

The invoiceA46DB2.JPG.exe file has a file size of 193,024 bytes. The MD5 checksum is the following string: 0x2241C83BDE6032530162D69B01FB1A93

The invoice3887A.JPG.exe file has a file size of 200,272 bytes. The MD5 checksum is the following string: 0x440D2881B70056904CBA2E3D2535DA71

The UPS Document.exe file in the UPS document.zip attachment has a file size of 41,472 bytes. The MD5 checksum is the following string: 0xC5C664F23F58CA62F357F850EE5AB904

The invoiceF242F1.JPG.exe file has a file size of 198,736 bytes. The MD5 checksum is the following string: 0x355C8C0B69D0986358E53621FEB10496

The invoice3BE7EB.JPG.exe file has a file size of 197,200 bytes. The MD5 checksum is the following string: 0x2294F0341B4A0BF3B33F4904F349918B

The rapport.pdf.exe file has a file size of 197,632 bytes. The MD5 checksum is the following string: 0x643D3D31BD1EB889180589307E40B567

The UPS document.exe file in the UPS document.zip attachment has a file size of 41,984 bytes. The MD5 checksum is the following string: 0xDF655A37E7DA76C5382901A39FFE55EF

A variant of the UPS Document.exe file in the UPS document.zip attachment has a file size of 42,496 bytes. The MD5 checksum is the following string: 0xBE394F89A19E1729433A8B225771DB92

The invoiceD4E87CA.JPG.exe file has a file size of 194,128 bytes. The MD5 checksum is the following string: 0xA64AE28100B4EB6384B72C3C4EC88FC3

The UPS Document PDF.exe file in the UPSDocument110331640275.zip attachment has a file size of 36,352 bytes and an MD5 checksum with the following string: 0x6B815CFF6E01B8D1A75C7E60CAEADA1D

A variant of the UPS document.exe file in the UPS_document.zip attachment has a file size of 41,984 bytes. The MD5 checksum is the following string: 0xAEC4F6BC0DBB67DB4F222D72DA41A092

The confirmation_pdf.exe file has a file size of 184,832 bytes and an MD5 checksum with the following string: 0xCD2F787EBF16B2FF3138F6397E0E1BB3

The USPS report.exe file in the USPS report.zip attachment has a file size of 50,535 bytes. The MD5 checksum is the following string: 0x2EAB0048AD3C3AD8F9495CB4899F9390

The USPS report id475390873.exe file in the USPS report id475390873.zip attachment has a file size of 47,616 bytes. The MD5 checksum is the following string: 0xC280C0D55FC3A5C1943C9D83E9D2AAA2


The following text is a sample of the e-mail message that is associated with this threat outbreak:

Subject: UPS Tracking Number 5119072

Message Body:
The courier company was not able to deluver your parcel by your address.
Cause: Error in shipping address.
You may pickup the parcel at our post office personaly.
Please attention!
The shipping label is attached to this e-mail.
Print this label to get this package at our post office.
Please do not reply to this e-mail, it is an unmonitored mailbox!
Thank you,
United Parcel Service.

Or

Subject: UPS Delivery Problem RN 26489.

Message Body:
Dear customer!

Unfortunately we failed to deliver postal package sent on the 10th of December in time
because the addressee's address is inexact.
Please print out the invoice copy attached and collect the package at our office.


United Parcel Service of America

Or

Subject: UPS INVOICE NR9030102

Message Body:
Dear Customer!
We failed to deliver postal sent on the 28th of April in time because the recipient's address is wrong. Please print out the invoice copy attached and collect the package at our department.
UPS International.


Canada Finance Chief: Work needed on bank reforms

Or

Subject: Fedex Item Status N7185272

Message Body:
Hero Toddler Saves Dad After Collapse

Or

Subject: ID N6859763 Message Body:
US defence secretary makes surprise visit to Iraq

Or

Subject: USPS Delivery Problem NR421024805

Message Body:
Hello

The parcel was sent to your home address. And it will arrive within 3 business days.
More information and the tracking number are attached in document below.


Thank you.
UPS Customer Services


For the first three years of my convent life, I passed the time in the school department, without much anxiety of mind.I was gay and thoughtless, my great trouble was to find something to amuse myself, and kill time in some way. Though I treated all the school-mates with kindness, and true Italian politeness, I became intimate with only one. She was a beautiful girl, from the dukedom of Tuscany. She made me her confidant, and told me all her heart. Her parents were wealthy, and both very strict members of the Romish Church. But she had an aunt in the city of Geneva, who was a follower of John Calvin, or a member of the Christian church of Switzerland. This aunt had been yearly a visitor at her fathers house. She being her fathers only sister, an affectionate intimacy was formed between the aunt and niece.

Or

Subject: DEBITOS

Message Body:

Conforme o contato fiz a verificação em nosso sistema e consta que as parcelas do mês de Abril e Maio do contrato 498.568.886/2010.

Abaixo segue o link com as parcela com a validade para o dia 26/05/2011.

hxxp://www.nacionalconsorciofiat.com/acesso/contrato/2011/debito.cgi?id=498.568.886/2010

Atenciosamente,

Ricardo Moretto Junior
Dpto Financeiro Consórcio Fiat
ricardo.moretto@nacionalconsorciofiat.com

Or

Subject: Your package has arrived!

Message Body:

Dear client
Your package has arrived.
The tracking # is : 8B89C50840F242F1 and can be used at :
http://www.ups.com/tracking/tracking.html
The shipping invoice can be downloaded from :
http://www.ups.com/tracking/invoices/download.aspx?invoice_id=8B89C50840F242F1
Thank you,
United Parcel Service
*** This is an automatically generated email, please do not reply ***

Or

Subject: Your package has arrived!

Message Body:

Dear client
Your package has arrived.
The tracking # is : AA632090603BE7EB and can be used at :
http://www.ups.com/tracking/tracking.html
The shipping invoice can be downloaded from :
http://www.ups.com/tracking/invoices/download.aspx?invoice_id=AA632090603BE7EB
Thank you,
United Parcel Service
*** This is an automatically generated email, please do not reply ***

Or

Subject: Your package has arrived!

Message Body:

Dear client
Your package has arrived.
The tracking # is : B6606A064D4E87CA and can be used at :
http://www.ups.com/tracking/tracking.html
The shipping invoice can be downloaded from :
http://www.ups.com/tracking/invoices/download.sapx?invoice_id=B6606A064D4E87CA
Thank you.
United Parcel Service

Or

Subject: USPS delivery failure report

Message Body:

USPS notification
Our company’s courier couldn’t make the delivery of package.
REASON: Postal code contains an error.
LOCATION OF YOUR PARCEL: KnoxvilleFort
DELIVERY STATUS: sort order
SERVICE: One-day Shipping
NUMBER OF YOUR PARCEL: 45PXH99NPW
FEATURES: No
Label is enclosed to the letter.
Print a label and show it at your post office.
An additional information:
If the parcel isn’t received within 30 working days our company will have the right to claim compensation from you for it’s keeping in the amount of $8.26 for each day of keeping of it.
You can find the information about the procedure and conditions of parcels keeping in the nearest office.
Thank you for using our services.
USPS Global.


Malicious software installed by files that are distributed via these messages may be related to the Trojan.Sasfis or Trojan.Win32.Inject.bkpq family of trojans, which have the ability to download malicious files from the Internet and create a startup registry entry. The malicious code may open a back door on the infected system to communicate with a remote attacker. Additionally, the malicious code may attempt to make modifications to the system registry and files.

Cisco Security analysts examine real-world e-mail traffic data that is collected from over 100,000 contributing organizations worldwide. This data helps provide a range of information about and analysis of global e-mail security threats and trends. Cisco will continue to monitor this threat and automatically adapt systems to protect customers. This report will be updated if there are significant changes or if the risk to end users increases.

Cisco security appliances protect customers during the critical period between the first exploit of a virus outbreak and the release of vendor antivirus signatures. E-mail that is managed by Cisco and end users who are protected by Cisco Web Security Appliances will not be impacted by these attacks. Cisco security appliances are automatically updated to prevent both spam e-mail and hostile web URLs from being passed to the end user.

Related Links
Cisco Security
Cisco Threat Operations Center
Cisco SenderBase Security Network
 
Alert History
 
Version 111, February 13, 2013, 5:44 AM: Cisco Security has detected significant activity on February 12, 2013.

Version 110, December 5, 2012, 6:34 AM: Cisco Security has detected significant activity on December 4, 2012.

Version 109, August 7, 2012, 8:15 AM: Cisco Security has detected significant activity on August 6, 2012.

Version 108, February 27, 2012, 11:55 AM: Cisco Security has detected significant activity on February 23, 2012.

Version 107, February 13, 2012, 4:52 PM: Cisco Security has detected significant activity on February 13, 2012.

Version 106, February 13, 2012, 11:43 AM: Cisco Security has detected significant activity on February 9, 2012.

Version 105, February 9, 2012, 10:38 AM: Cisco Security has detected significant activity on February 8, 2012.

Version 104, February 8, 2012, 10:44 AM: Cisco Security has detected significant activity on February 8, 2012.

Version 103, February 8, 2012, 5:59 PM: Cisco Security has detected significant activity on February 7, 2012.

Version 102, February 7, 2012, 9:11 AM: Cisco Security has detected significant activity on February 6, 2012.

Version 101, February 2, 2012, 10:58 AM: Cisco Security has detected significant activity on February 2, 2012.

Version 100, February 2, 2012, 9:27 AM: Cisco Security has detected significant activity on February 1, 2012.

Version 99, February 1, 2012, 3:05 PM: Cisco Security has detected significant activity on February 1, 2011.

Version 98, January 25, 2012, 4:56 PM: Cisco Security has detected significant activity on January 24, 2012.

Version 97, January 19, 2012, 9:22 AM: Cisco Security has detected significant activity on January 18, 2012.

Version 96, January 17, 2012, 5:29 PM: Cisco Security has detected significant activity on January 16, 2012.

Version 95, January 12, 2012, 3:17 PM: Cisco Security has detected significant activity on January 11, 2012.

Version 94, January 9, 2012, 11:29 AM: Cisco Security has detected significant activity on January 9, 2012.

Version 93, January 6, 2012, 10:26 AM: Cisco Security has detected significant activity on January 5, 2012.

Version 92, January 4, 2012, 10:41 AM: Cisco Security has detected significant activity on January 2, 2012.

Version 91, December 16, 2011, 4:25 PM: Cisco Security has detected significant activity on December 15, 2011.

Version 90, December 13, 2011, 10:42 AM: Cisco Security has detected significant activity on December 12, 2011.

Version 89, December 12, 2011, 9:37 AM: Cisco Security has detected significant activity on December 10, 2011.

Version 88, December 10, 2011, 9:29 AM: Cisco Security has detected significant activity on December 8, 2011.

Version 87, December 7, 2011, 4:00 PM: Cisco Security has detected significant activity on December 7, 2011.

Version 86, December 2, 2011, 4:25 PM: Cisco Security has detected significant activity on December 1, 2011.

Version 85, November 30, 2011, 3:55 PM: Cisco Security has detected significant activity on November 29, 2011.

Version 84, November 28, 2011, 12:07 PM: Cisco Security has detected significant activity on November 25, 2011.

Version 83, November 22, 2011, 10:15 AM: Cisco Security has detected significant activity on November 22, 2011.

Version 82, November 18, 2011, 4:40 PM: Cisco Security has detected significant activity on November 17, 2011.

Version 81, November 17, 2011, 10:45 AM: Cisco Security has detected significant activity on November 17, 2011.

Version 80, November 15, 2011, 6:05 PM: Cisco Security has detected significant activity on November 15, 2011.

Version 79, November 8, 2011, 9:43 AM: Cisco Security has detected significant activity on November 7, 2011.

Version 78, October 10, 2011, 9:01 AM: Cisco Security has detected significant activity on October 9, 2011.

Version 77, September 30, 2011, 9:43 AM: Cisco Security has detected significant activity on September 30, 2011.

Version 76, September 29, 2011, 8:51 AM: Cisco Security has detected significant activity on September 29, 2011.

Version 75, September 28, 2011, 1:24 PM: Cisco Security has detected significant activity on September 28, 2011.

Version 74, September 27, 2011, 2:39 PM: Cisco Security has detected significant activity on September 26, 2011.

Version 73, September 26, 2011, 3:18 PM: Cisco Security has detected significant activity on September 26, 2011.

Version 72, September 23, 2011, 10:59 AM: Cisco Security has detected significant activity on September 23, 2011.

Version 71, September 9, 2011, 3:12 PM: Cisco Security has detected significant activity on September 9, 2011.

Version 70, September 8, 2011, 9:36 AM: Cisco Security has detected significant activity on September 8, 2011.

Version 69, September 7, 2011, 5:55 PM: Cisco Security has detected significant activity on September 7, 2011.

Version 68, August 31, 2011, 10:20 AM: Cisco Security has detected significant activity on August 31, 2011.

Version 67, August 24, 2011, 10:11 AM: Cisco Security has detected significant activity on August 24, 2011.

Version 66, August 23, 2011, 8:20 AM: Cisco Security has detected significant activity on August 23, 2011.

Version 65, August 19, 2011, 7:58 PM: Cisco Security has detected significant activity on August 18, 2011.

Version 64, August 11, 2011, 1:26 PM: Cisco Security has detected significant activity on August 11, 2011.

Version 63, July 13, 2011, 9:25 AM: Cisco Security has detected significant activity on July 13, 2011.

Version 62, July 6, 2011, 10:50 AM: Cisco Security has detected significant activity on July 6, 2011.

Version 61, July 5, 2011, 9:16 AM: Cisco Security has detected significant activity on July 4, 2011.

Version 60, June 23, 2011, 10:29 AM: Cisco Security has detected significant activity on June 23, 2011.

Version 59, June 20, 2011, 9:28 AM: Cisco Security has detected significant activity on June 20, 2011.

Version 58, June 15, 2011, 9:21 AM: Cisco Security has detected significant activity on June 15, 2011.

Version 57, May 20, 2011, 10:13 AM: Cisco Security has detected significant activity on June 14, 2011.

Version 56, May 19, 2011, 8:04 AM: Cisco Security has detected significant activity on May 18, 2011.

Version 55, May 13, 2011, 7:41 AM: Cisco Security has detected significant activity on May 12, 2011.

Version 54, May 11, 2011, 9:54 AM: Cisco Security has detected significant activity on May 11, 2011.

Version 53, May 10, 2011, 8:57 AM: Cisco Security has detected significant activity on May 10, 2011.

Version 52, May 6, 2011, 10:19 AM: Cisco Security has detected significant activity on May 6, 2011.

Version 51, May 4, 2011, 8:49 AM: Cisco Security has detected significant activity on May 3, 2011.

Version 50, May 3, 2011, 11:20 AM: Cisco Security has detected significant activity on May 3, 2011.

Version 49, April 29, 2011, 11:48 AM: Cisco Security has detected significant activity on April 29, 2011.

Version 48, April 25, 2011, 7:47 AM: Cisco Security has detected significant activity on April 22, 2011.

Version 47, April 22, 2011, 10:16 AM: Cisco Security has detected significant activity on April 22, 2011.

Version 46, April 21, 2011, 7:50 AM: Cisco Security has detected significant activity on April 20, 2011.

Version 45, April 20, 2011, 10:26 AM: Cisco Security has detected significant activity on April 20, 2011.

Version 44, March 28, 2011, 7:43 PM: Cisco Security has detected significant activity on March 26, 2011.

Version 43, March 25, 2011, 10:39 AM: Cisco Security has detected significant activity on March 25, 2011.

Version 42, March 25, 2011, 7:58 AM: Cisco Security has detected significant activity on March 24, 2011.

Version 41, March 24, 2011, 8:48 AM: Cisco Security has detected significant activity on March 24, 2011.

Version 40, March 23, 2011, 7:39 AM: Cisco Security has detected significant activity on March 22, 2011.

Version 39, March 21, 2011, 7:51 AM: Cisco Security has detected significant activity on March 18, 2011.

Version 38, March 9, 2011, 8:18 AM: Cisco Security has detected significant activity on March 8, 2011.

Version 37, March 4, 2011, 8:36 AM: Cisco Security has detected significant activity on March 3, 2011.

Version 36, March 3, 2011, 9:33 AM: Cisco Security has detected significant activity on March 3, 2011.

Version 35, March 2, 2011, 8:25 PM: Cisco Security has detected significant activity on March 1, 2011.

Version 34, February 21, 2011, 7:27 AM: Cisco Security has detected significant activity on February 18, 2011.

Version 33, February 17, 2011, 10:28 AM: Cisco Security has detected significant activity on February 16, 2011.

Version 32, January 3, 2011, 9:56 AM: Cisco Security has detected significant activity on January 3, 2011.

Version 31, December 22, 2010, 8:33 AM: Cisco Security has detected significant activity on December 21, 2010.

Version 30, December 21, 2010, 8:16 AM: Cisco Security has detected significant activity on December 20, 2010.

Version 29, December 7, 2010, 7:52 PM: Cisco Security has detected significant activity on December 6, 2010.

Version 28, November 18, 2010, 8:48 AM: Cisco Security has detected significant activity on November 17, 2010.

Version 27, November 16, 2010, 9:41 AM: Cisco Security has detected significant activity on November 15, 2010.

Version 26, November 5, 2010, 8:36 AM: Cisco Security has detected significant activity on November 4, 2010.

Version 25, October 25, 2010, 8:58 PM: Cisco Security has detected significant activity on October 22, 2010.

Version 24, October 20, 2010, 10:17 AM: Cisco Security has detected significant activity on October 20, 2010.

Version 23, October 19, 2010, 10:26 AM: Cisco Security has detected significant activity on October 18, 2010.

Version 22, October 18, 2010, 1:59 PM: Cisco Security has detected significant activity on October 18, 2010.

Version 21, October 18, 2010, 8:03 AM: Cisco Security has detected significant activity on October 15, 2010.

Version 20, October 15, 2010, 1:58 PM: Cisco Security has detected significant activity on October 14, 2010.

Version 19, October 1, 2010, 1:02 PM: Cisco Security has detected significant activity on September 27, 2010.

Version 18, September 28, 2010, 9:27 AM: Cisco Security has detected significant activity on September 27, 2010.

Version 17, September 24, 2010, 10:54 AM: Cisco Security has detected significant activity on September 24, 2010.

Version 16, September 8, 2010, 11:56 AM: Cisco Security has detected significant activity on September 8, 2010.

Version 15, September 2, 2010, 10:01 AM: Cisco Security has detected significant activity on September 1, 2010.

Version 14, September 1, 2010, 11:03 AM: Cisco Security has detected significant activity on September 1, 2010.

Version 13, August 30, 2010, 1:51 PM: Cisco Security has detected significant activity on August 30, 2010.

Version 12, August 26, 2010, 10:59 AM: Cisco Security has detected significant activity on August 26, 2010.

Version 11, August 25, 2010, 8:17 AM: Cisco Security has detected significant activity on August 24, 2010.

Version 10, August 24, 2010, 8:29 AM: Cisco Security has detected significant activity on August 23, 2010.

Version 9, July 9, 2010, 10:05 AM: Cisco Security has detected significant activity on July 1, 2010.

Version 8, June 22, 2010, 9:45 AM: Cisco Security has detected significant activity on June 21, 2010.

Version 7, June 7, 2010, 8:29 AM: Cisco Security has detected significant activity on June 5, 2010.

Version 6, May 26, 2010, 10:37 AM: Cisco Security has detected significant activity on May 26, 2010.

Version 5, May 25, 2010, 9:23 AM: Cisco Security has detected significant activity on May 24, 2010.

Version 4, April 28, 2010, 10:18 AM: Cisco Security has detected significant activity on April 28, 2010.

Version 3, April 26, 2010, 8:18 AM: Cisco Security has detected significant activity on April 22, 2010.

Version 2, January 28, 2010, 10:07 AM: Cisco Security has detected significant activity on January 28, 2010.

Version 1, January 20, 2010, 11:17 AM: Cisco Security has detected significant activity on January 19, 2010.


Product Sets
 
The security vulnerability applies to the following combinations of products.

Primary Products:
IntelliShieldThreat Outbreak Alert Original Release Base

Associated Products:
N/A




Alerts and bulletins on the Cisco Security Intelligence Operations Portal are highlighted by analysts in the Cisco Threat Operations Center and represent a subset of the comprehensive content that is available through Cisco Security IntelliShield Alert Manager Service. This customizable threat and vulnerability alert service provides security staff with access to timely, accurate, and credible information about threats and vulnerabilities that may affect their environment.


LEGAL DISCLAIMER
The urgency and severity ratings of this alert are not tailored to individual users; users may value alerts differently based upon their network configurations and circumstances. THE ALERT, AND INFORMATION CONTAINED THEREIN, ARE PROVIDED ON AN "AS IS" BASIS AND DO NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE ALERT, AND INFORMATION CONTAINED THEREIN, OR MATERIALS LINKED FROM THE ALERT, IS AT YOUR OWN RISK. INFORMATION IN THIS ALERT AND ANY RELATED COMMUNICATIONS IS BASED ON OUR KNOWLEDGE AT THE TIME OF PUBLICATION AND IS SUBJECT TO CHANGE WITHOUT NOTICE. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE ALERTS AT ANY TIME.
Powered by  IntelliShield