faktura malware

faktura subject malware in the form of a html email, with an attached ZIP file...

Headers:

From: {adwokat.zabrze@interia.eu} Subject: Re:faktura

Message body:

Witam Przesyłam w załączeniu fakturę. Proszę doliczyć do najbliższej opłaty.

Attached to the email is a ZIP file:

DOC150114-faktura.doc.zip

On the Windows machine, Inside the zip, is Windows executable (Note the dual extension)

DOC150114-faktura.doc.exe

Md5 Hashes:

3bcfe0c5364fa07f09ae44306da8dd82

Malware Information:

VirusTotal Report [1] (hits 8/57 Virus Scanners) Malwr Report [1] Summary: File has been identified by at least one AntiVirus on VirusTotal as malicious Executed a process and injected code into it, probably while unpacking Installs itself for autorun at Windows startup

Cheers,

Steve
Sanesecurity.com