If You Can't Trust, You Can't Be Trusted

The Waledac botnet is offering up some fodder for the paranoia laden this week with a fake service that would allow you to intercept and view anyone's SMS messages via an online browser. That way you could catch your cheating significant other, or just make yourself look and feel like a complete ass. The emails arrive in the exact same Storm-esque fashion as they always have (btw, I'm still confused as to why we had to change its name to Waledac, but I digress), one-liner bodies with a link to the malicious site, and one-liner subjects such as:
Do you want to read her SMS?
Do you trust her?
Do you want to test your partner?
Your girlfriend is cheating on you!
Keep a spy eye on your Girlfriend's mobile
Read other people's SMS without any program
The world's most advanced sms reading program
Once at the site you are treated to the picture above along with the text:
Do you want to test your partner or just to read somebody's SMS? This program is exactly what you need then! It's so easy! You don't need to install it at the mobile phone of your partner. Just download the program and you will able to read all SMS when you are online. Be aware of everything! This is an extremely new service!
and of course, you are treated to a link that downloads the malicious executable. The name of the file varies from trial.exe, sms.exe, smsreader.exe, freetrial.exe, and smstrap.exe. There is one difference here, this time I have yet to find any hidden iframes which have also become a staple of the Storm, er, Waledac campaigns. These iframes would be used to automatically start the malicious download even without having to click on the supplied link.