Wednesday, 22 October 2014

Malware via Word documents

We seem to be receiving a few variants of word documents at then moment, containing macros to download externally hosted malware.

 3 variants of these documents so far...

VirusTotal 1
VirusTotal 2
VirusTotal 3

I've added detection for all these types, in phish.ndb as:

Malware Detected as: Sanesecurity.Malware.24509.DocHeur

ClamAV 3rd Party signatures: http://sanesecurity.com
#clamav #sanesecurity #malware

Sample Subjects:

Commercial Debt Recovery, Ref No:
Industrial Invoices
Employee Documents - Internal Use
Reference:

No comments: