Thursday, 11 December 2014

Employee Documents - Internal Use malware


From: "eBay.com" Subject: Employee Documents - Internal Use
Message-ID: <02445414490536603757052027200341 ebay.com="">

DOCUMENT NOTIFICATION, Powered by NetDocuments

DOCUMENT NAME: Employee Documents

DOCUMENT LINK: http://matoa-indonesia DOT com/do/document.php

Documents are encrypted in transit and store in a secure repository

---------------------------------------------------------------------------------
This message may contain information that is privileged and confidential.
If you received this transmission in error, please notify the sender by reply email
and delete the message and any attachments.


The above is already blocked with Sanesecurity.Malware.24222.UNOFFICIAL

However, if you do click the link, it auto-download (via your browser) document8721_pdf.zip

The zip file contains document8721_pdf.exe and VirusTotal is currently reporting [3/56] hits

No comments: