Wednesday, 17 December 2014

word document macro based malware: UK GEOLOGY PROJECT by \"Rough & Tumble\" with \"Moussa Minerals\"

Another malware run... with attached word document malware embedded :(

Date: Wed, 17 Dec 2014 16:20:09 +0800
From: "UK GEOLOGY PROJECT by \"Rough & Tumble\" with \"Moussa Minerals\""
Subject: Invoice as requested

No body of text this time, just an attachment...


Two variants so far.. VirusTotal Reports:

e832f74d424084e79505730f3b1faabc (1/54)
ff0694cba3b1ba6b39c997528385e649 (1/53)

0 hour detected by:

Sanesecurity.Malware.24646.DocHeur.UNOFFICIAL (phish.ndb)
anesecurity.Rogue.0hr.20141217-0828 .UNOFFICIAL (rogue.hdb)

Embedded Macro: pastebin

Malwr report: here


Anonymous said...

Received one of these the morning in inbox. Transferred it to junk. Then received a string of FIVE emails from them separated by minutes.

Anonymous said...

Just received one too. About to delete permanently. DO NOT OPEN

Anonymous said...

I've had about 11 of them.