Monday, 26 January 2015

RE: Invoice #9675296 Sage BACs malware

RE: Invoice #9675296 Sage BACs malware in the form of a html email, with an attached BACs-9675296.zip

Headers:
From: "Sage.co.uk" {no-reply@sage.co.uk}
Subject: RE: Invoice #9675296
Message body:
Please remit BACs before 26/01/2015. The document attached.
Attached to the email is a ZIP file:
BACs-9675296.zip

On the Windows machine, Inside the zip, is Windows executable 
BACs-912847.scr

Md5 Hashes:
147a717aabd60e676dea50da322c3ccd

Malware Information:

VirusTotal Report [1] (hits 5/57 Virus Scanners)

Malwr Report [1]


Hybrid Analysis Report [1]

Cheers,

Steve
Sanesecurity.com

No comments: