Home / malware TrojanDownloader:VBS/Lecpetex.A
First posted on 06 August 2014.
Source: MicrosoftAliases :
There are no other names known for TrojanDownloader:VBS/Lecpetex.A.
Explanation :
Threat behavior
Installation
TrojanDownloader:VBS/Lecpetex.A can be downloaded and run by other downloader trojans such as TrojanDownloader:Java/Carastanova.A.
Payload
Sends spam email
TrojanDownloader:VBS/Lecpetex.A sends spam emails to addresses found in the Outlook address book of the infected system.
We have seen this spam email use the following format:
Subject: RE: Documents
Body: Here re the required documents you asked for.
Documents.zip
Keep me posted for any complaints or anything.
Thank you.
In the above example, Documents.zip is hyperlinked to a URL that downloads Win32/Lecpetex.
Downloads and runs other malware
TrojanDownloader:VBS/Lecpetex.A downloads Lecpetex components in multiple hard-coded Dropbox share links.
Analysis by Zarestel Ferrer
Symptoms
Alerts from your security software may be the only symptom.
Last update 06 August 2014