Per this Websense File Sandbox report, the file is clearly malicious. Unfortunately, the "Premium AV Guys (McAfee & Symantec)" are asleep at the wheel again:
As such, you likely want to check your firewall logs to see if your users did indeed open the attachment/dropper and are therefore phoning home to the following IP Addresses:
No comments:
Post a Comment