This time, its spread continues through visual social engineering, but not in the template of course YouTube video but uses a page with pornographic content.
The BAT contains the following statement of connection and sending information to C&C:
- pi.exe (08f214c0bd61faba2f8ed89cb8f40bc0) FakeAV
Under 126.96.36.199 is managed by a known crimeware costing underground market around $ 1000 and to be executed in charge of pointing the download of other malware on the victim computer, managed under the coordination of business members that increase their profits for each successful installation of the rogue.
Symbiosis malware present. Koobface
Koobface campaign spread through Blogspot
YES Exploit System and Crimeware-as-a-Service
YES Exploit System. Official Business Partner’s Ver más