No surprises here, a new Waled campaign with the US Independence Day theme. When the user clicks on the YouTube video link, it offers to download an .exe file on the user’s computer instead of displaying a video.
Funny thing is that they say on the webpage “The largest firework happened this Saturday”, and this campaign is being spammed out on Friday, July 3rd. Clearly the Waled group isn’t paying attention to international timezones. Sophos detects this new Waled campaign as Mal/WaledPak-G and Mal/WaledJs-A.