...Speaking of Malicious Attachments In Google Spam

Just had this come across one of our honeypots a few minutes ago: Google spam linking to an infected executable file. 

So far AV detection is pretty spotty, and of the ones that are identifying it, it is typically falling under the "generic detection" categories.

Antivirus	Version	Last Update	Result
AhnLab-V3	-	-	-
AntiVir	-	-	TR/Crypt.XPACK.Gen
Authentium	-	-	-
Avast	-	-	-
AVG	-	-	Generic10.BID
BitDefender	-	-	MemScan:Trojan.Downloader.Exchanger.C
CAT-QuickHeal	-	-	(Suspicious) - DNAScan
ClamAV	-	-	-
DrWeb	-	-	-
eSafe	-	-	Suspicious File
eTrust-Vet	-	-	-
Ewido	-	-	-
FileAdvisor	-	-	-
Fortinet	-	-	W32/Tibs.WA!tr.dldr
F-Prot	-	-	W32/Tibs.K.gen!Eldorado
F-Secure	-	-	Trojan-Downloader.Win32.Agent.ljx
Ikarus	-	-	Trojan-Downloader.Win32.Agent.ljx
Kaspersky	-	-	Trojan-Downloader.Win32.Agent.ljx
McAfee	-	-	-
Microsoft	-	-	-
NOD32v2	-	-	Win32/Agent.ETH
Norman	-	-	-
Panda	-	-	-
Prevx1	-	-	Trojan.Downloader
Rising	-	-	-
Sophos	-	-	Troj/Exchan-B
Sunbelt	-	-	-
Symantec	-	-	Downloader
TheHacker	-	-	-
VBA32	-	-	suspected of Downloader.Zlob.8
VirusBuster	-	-	Trojan.Zlob.GMQ
Webwasher-Gateway	-	-	Trojan.Crypt.XPACK.Gen

The spam itself has a porn twist to it (as opposed to the health and pill related spam that we usually see).  The sample that landed in our honeypot has a subject of "Rihanna Exposed" and a short message body which reads "Download and Watch" which is a link to the malware (abusing Google) at   http://www.google.com/pagead/iclk\?sa=l&ai=HvlJeh&num=33195&adurl=http://REDACTED.pl/video.exe (redacted since the site is still hosting live malware).