Spam Mail with Malware attachment masquerades as a FedEx Agent File Form

MX lab found a Spam mail with Malware Attachment masquerades as a FedEx Agent File Form . The email address is spoofed as <> email address.

This spam mail has Zip File Attachment that named as "",the file contains the 190 kB large file FedEx-AgentFileForm.exe( a Trojan). The trojan is detected by 5 Antivirus Engines out of 42 at VirusTotal.

AhnLab-V3 detect it as Spyware/Win32.Zbot, McAfee detect it as  Artemis!01CD13A561FF  and Symantec detect it as WS.Reputation.1.

Email Body:
The FedEx Export AgentFile form replaces the paper SED which is no longer required by the US government. All EEI shipments must be filed electronically with the government prior to tendering the shipments to FedEx. For all future shipments that require an EEI, please complete and sign the attached form and fax it to (866) 879-9037 or you may email your request to An ITN (internal transaction number) provided by the government will be communicated to you via your choice of: phone, email or fax. The ITN must be written on your AWB or label. The ITN indicates that the shipment has been submitted to the government and approved to export.

Also, listed below for your convenience is the US government website for Schedule B numbers. Should there be any doubt of the commodity number being provided on the SED Agent File form, please taken advantage of this valuable resource.

Thank you for choosing FedEx,

Manifesting Ops Asst.
FedEx Express
EEI Department/AES Processing
2927 Southwide Bldg B
Memphis, Tennessee 38118
Tel: 866 352-3252 (Opt. 2)
Fax: 866 879-9037


Free counters!


MauriHackerS - Providing Latest IT Security and Hacking News !