Home Malware Programs Trojan Sources UPS_INVOICE_9871.zip


Posted: November 26, 2008

UPS_INVOICE_9871.zip is a Trojan masqueraded as a spam email attachment. UPS_INVOICE_9871.zip email attachment comes as a fake invoice from UPS pertaining to an undelivered package. If you open the attachment, your PC will become infected with the UPS_INVOICE_9871.zip Trojan. The following is the fake text message being sent out:

From: UPS Mail Support (wmkfveeew@brandonbrace.com)
Subject: Your Tracking # 6968466084
"Sorry, we were not able to deliver postal package you sent on October the 19th in time because the recipient's address is not correct. Please print out the invoice copy attached and collect the package at our office.
If you do not receive package in ten days you will have to pay 6$ per day.
Your UPS"

When executed, UPS_INVOICE_9871.zip Trojan will modify your Windows registry and will run each time that Windows boots up. UPS_INVOICE_9871.zip Trojan may also conceal itself from detection.

Do NOT trust emails that are suspicious, especially under the guise of legitimate company's. UPS does not send out emails such as these. Call the company first to confirm the veracity of the email and do NOT click on links in emails: these are usually decoys for Trojan or virus infections.

File System Modifications

  • The following files were created in the system:
    # File Name
    1 DVBN756512.exe
    2 UPS_INVOICE_9871.exe
    3 UPS_INVOICE_9871.zip

Registry Modifications

  • The following newly produced Registry Values are: