Sanesecurity ClamAV blog: zero hour malware, phishing and scams: Pearl Summer Offer Sheet pearleurope maikel.theunissen

Friday, 27 February 2015

Pearl Summer Offer Sheet pearleurope maikel.theunissen

Pearl Summer Offer Sheet pearleurope maikel.theunissen malware

Headers:

From: {maikel.theunissen@pearleurope.com}
Subject: Pearl Summer Offer Sheet

Message body:

Dear Customer,

Please find attached a copy of the Summer Offer sheet which we've extended to the end of February!

To place an order please contact a member of the UK sales team.

Kind regards,

The UK Sales Team

Free Phone: 00800 8424 9328

Mike Truscott – Sales Manager UK

Tel: 07710 842822

Jason Allum – Southern Area Sales Manager

Tel: 07766 733322

Attached is a Zip file:

Pearl UK Summer Offer Sheet 2015.zip

Inside the Zip is a Windows Executable:

Pearl UK Summer Offer Sheet 2015.exe

Sha256 Hash:

7f8dd1fd3e0d4cae2ddca058eb71015a608bed1486977ac178c5c3b2cf8c3668 [1]

Malware Information:

VirusTotal Report [1] (hits 0/57 Virus Scanners)
Malwr Report [1]
Hybrid Analysis Report: [1]

Summary:

Steals private information from local Internet browsers

Collects information to fingerprint the system (MachineGuid, DigitalProductId, SystemBiosDate)

Creates an Alternate Data Stream (ADS)

Installs itself for autorun at Windows startup

Cheers,

Steve
Sanesecurity.com

1 comment:

Anonymous said...: Thanks so much for the warning and info.....keep up the great work.
Mack; 27 February 2015 at 22:12

Sanesecurity ClamAV blog: zero hour malware, phishing and scams

Amazon3

Pages

Amazon

Friday, 27 February 2015

Pearl Summer Offer Sheet pearleurope maikel.theunissen

1 comment: