INTERNAL FAX You have received a new fax email being spammed containing a Zip file
Message Header:
From: "INTERNAL FAX" {fax@bbc.co.uk}
Subject: You have received a new fax
You have received fax from EPSON91208382 at
Scan date: Thu, 29 Jan 2015 06:40:24 -0600
Number of page(s): 28
Resolution: 400x400 DPI
Name: fax167087861.pdf
_________________________________
Attached file is scanned image in PDF format
Attachment filenam
e:
fax167045861_pdf.zip
Inside Zip file:
Windows Executable (double extension)
fax167987861_pdf.scr
Md5 Hashes:
| 31ee9b03837f432faaa259cf0c15e94a [1] |
Malware information:
VirusTotal Report [1] (hits 1/57 Virus Scanners)
Malwr Report [1]
- Performs some HTTP requests
- The binary likely contains encrypted or compressed data.
- Steals private information from local Internet browsers
- Creates an Alternate Data Stream (ADS)
- Installs itself for autorun at Windows startup
Hybrid-Analysis Report [1] |
Cheers,
Steve
No comments:
Post a Comment