Alert Summary:
Your FED TAX payment was Rejected email with an attached FEDERAL_tax_notify malicious ZIP file currently being spammed out.
Headers:
Message body:
From: "TAX@irs.gov" {tax@irs.gov}
Subject: Your FED TAX payment (ID:FC3IRS217553880) was Rejected
Attached to the email is a Zip file:
*** PLEASE DO NOT RESPOND TO THIS EMAIL ***
Your federal Tax payment (ID: FC3IRS217553880), recently sent from your checking account was returned by the your financial institution.
For more information, please download attached notification. (Security Adobe PDF file)
Transaction Number: FC3IRS217553880}
Payment Amount: $ 5694.82
Transaction status: Rejected
ACH Trace Number: 1111111111
Transaction Type: ACH Debit Payment-DDA
Internal Revenue Service
Metro Plex 1, 8401 Corporate Drive, Suite 300, Landover, MD 20785.
Inside the Zip file is a windows executable:
FEDERAL_tax_notify.zip
FEDERAL_tax_notify.scr
MD5 Hashes:
Malware Information:
ed7566c84c59e8d234613f527b7287c8 [1]
VirusTotal Report [1] (hits 6/55 Virus Scanners)
Malwr Report [1]
Hybrid Analysis Report [1]
Cheers,
Steve
Sanesecurity.com
No comments:
Post a Comment