Sanesecurity ClamAV blog: zero hour malware, phishing and scams: word document macro based malware: UK GEOLOGY PROJECT by \"Rough & Tumble\" with \"Moussa Minerals\"

Wednesday, 17 December 2014

word document macro based malware: UK GEOLOGY PROJECT by \"Rough & Tumble\" with \"Moussa Minerals\"

Another malware run... with attached word document malware embedded :(

Date: Wed, 17 Dec 2014 16:20:09 +0800
From: "UK GEOLOGY PROJECT by \"Rough & Tumble\" with \"Moussa Minerals\""
Subject: Invoice as requested

No body of text this time, just an attachment...

20140918_122519.doc

Two variants so far.. VirusTotal Reports:

e832f74d424084e79505730f3b1faabc (1/54)
ff0694cba3b1ba6b39c997528385e649 (1/53)

0 hour detected by:

Sanesecurity.Malware.24646.DocHeur.UNOFFICIAL (phish.ndb)
anesecurity.Rogue.0hr.20141217-0828 .UNOFFICIAL (rogue.hdb)

Embedded Macro: pastebin

Malwr report: here

3 comments:

Anonymous said...: Received one of these the morning in inbox. Transferred it to junk. Then received a string of FIVE emails from them separated by minutes.; 17 December 2014 at 12:07
Anonymous said...: Just received one too. About to delete permanently. DO NOT OPEN; 17 December 2014 at 13:18
Anonymous said...: I've had about 11 of them.; 17 December 2014 at 14:27

Sanesecurity ClamAV blog: zero hour malware, phishing and scams

Amazon3

Pages

Amazon

Wednesday, 17 December 2014

word document macro based malware: UK GEOLOGY PROJECT by \"Rough & Tumble\" with \"Moussa Minerals\"

3 comments: