A trojan is being directly emailed to the Irish

ESET Ireland warns of an email, titled “Important – To all Employee’s”, which has an infected attachment that contains a trojan


The email has been observed to come from an Irish email address and targets other Irish emails. The title “Important – To all Employee’s” (spelling error included) prompts receivers to open an archived attachment titled Document.zip. Within the archive file is an executable file called Document_2520.exe, which if clicked, infects the victim’s computer with malware that ESET detects as Win32/Kryptik.DJUM.


Win32/Kryptik is generic detection of malicious obfuscated code within files with PE32 (Portable Executable, 32-bit) format, which is most active in infecting computers in UK and Ireland. This particular one likely contains the Win32/TrojanDownloader.Waski, observed since 2013, which downloads a range of additional malware to an infected computer. Basically, once you’ve got one, you’ll soon have many more.

Infections like these count on computer users to just open anything they receive without thinking. ESET Ireland therefore recommends checking who any email is from, before opening any attachments, to make sure the content is legitimate. Executable files (.exe) should particularly ring alarm bells when received and should be checked by an antivirus scanner or just deleted, before they can deliver their malicious payload.

by Urban Schrott, ESET Ireland

One thought on “A trojan is being directly emailed to the Irish

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s