Date: Thu, 30 Mar 2017 13:43:20
Confirmation letter enclosed. Please see attachment.
Actually, it isn't a pdf, it's a zip file containing a zip file that contains an exe file and a txt file requesting me to open the exe file. Well, even if I were running Windows, I'm not going to open the file.
I showed it to Virustotal, and 8 out of 59 products flagged it. It was first seen about an hour ago; that's why so many products don't flag it. But that's how things are these days.
What does it do? I don't know, and don't much care. An exe file pretending to be a pdf file is going to be malicious. My guess is that it's ransomware, because that's the way things are today. Or maybe it zombifies your computer. Or maybe it displays flags of all nations - I don't care enough to spend very many hours analysing the file.
When I send the exe file to VirusTotal, 11 out of 61 products flag it. That means that some products aren't scanning inside zip files (or at least, aren't scanning inside files that have been doubly zipped). That's bad.
If you're depending on an antivirus to protect you from the malware threat, you better make sure that your lucky horseshoe is nailed to your computer.