Australian Taxation Office - Refund Notification
Malware just arriving...Headers:
Message body:
From: "Australian Taxation Office" {noreply@ato.gov.au}
Subject: Australian Taxation Office - Refund Notification
IMPORTANT NOTIFICATION
Australian Taxation Office - 22/01/2014
After the last calculation of your fiscal activity we have determined that you are eligible to receive a refund of 8128.86 AUD.
For more details please follow the steps bellow :
- Right-click the link on the attachment name, and select Save Link As, Save Target As or a similar option provided.
- Select the location into which you want to download the file and choose Save.
- Unzip the attached file.
Laurence Browning,
Tax Refund Department
Australian Taxation Office
Attached to the email is a Zip file:
Inside the Zip file is a windows executable: (Note the double extension)
ATO_TAX_129481_pdf.zip
ATO_TAX_129481_pdf.exe
MD5 Hashes:
Malware Information:
9fc82c3f56177b5d1e8ed840d81cda01 [1]
VirusTotal Report [1] (hits 11/57 Virus Scanners)
Malwr Report [1]
.Hybrid Analysis Report [1]
Summary:
Accesses potentially sensitive information from local browsers
Cheers,
Steve
Sanesecurity.com
No comments:
Post a Comment