An incoming bit of malware:
"Please see attached copy (Invoice_9918492) of the original invoice." with
an attached zip file.
Let's have a look at the *current* 0-minute results:
MD5: 90d968aab763ea0e91c357e47f10372d
File name: Invoice_9918492.zip
Already detected by ClamAV 3rd-party signatures:
phish.ndb: Sanesecurity.Malware.22634.ZipHeur.Dte.UNOFFICIAL
foxhole_all.cdb: Sanesecurity.Foxhole.Zip_exe.UNOFFICIAL
Already detected by ClamAV 3rd-party hash signatures:
rogue.hdb: Sanesecurity.Rogue.0hr.1107v29162.UNOFFICIAL
bofhland_malware_attach.hdb: BofhlandMWFile498.UNOFFICIAL
Example snapshot of the number blocked per hour: mean 114, max 4831
VirusTotal:
Detection ratio: 2 / 47
Analysis date: 2013-11-07 09:13:28 UTC ( 2 minutes ago )
AntiVir: TR/Crypt.XPACK.Gen3
Sophos: Troj/Invo-Zip
ThreatTrack PDF analysis:
https://drive.google.com/file/d/0B1SVySdiVS8BY25DSmdaOXZzbU0