with a link to a website, which if clicked, will download a dangerous exe file.
Headers:
Message body:
From: "Fedex" {ranteras560@marketmindful2.com}
Subject: Postal Notification Service
Dear Customer,
Your parcel has arrived at January 28. Courier was unable to deliver the parcel to you.
To receive your parcel, print this label and go to the nearest office.
Clicking on the link with a Windows system gives you a dangerous EXE file:
http://skintoper.com/shipment_832748973284732847839278237.exe
Md5 Hashes:
Malware Information:
0206d396524ffaa64103151c820ddea6 [1]
VirusTotal Report [1] (hits 3/57 Virus Scanners)
Malwr Report [1]
Summary:
Hybrid Analysis Report [1]
- Executed a process and injected code into it, probably while unpacking
- Installs itself for autorun at Windows startup
Cheers,
Steve
Sanesecurity.com
5 comments:
Thanks Steve. Had the same message but from unfulfilledl93@marketminful2.com
thanks
same from Fedex on 09.02.2015 at 04.03pm
Hi, I received the same message today but from pegginghu@marketmindful2.com. Since I sometimes use Fedex services I clicked on the link and an unavailable webpage appeared. I already ran my anti-virus, but no malware was detected. What do you recommend me to do? Thanks
I received the same scam email. Received: from marketmindful2.com (unknown [89.109.42.151])9th Feb
My mail settings are plain text so the scammers spoof Fedex html formatting does not show. Coincidently, (or not?), also received a scam telephone call from overseas from a plausible-sounding "Tom" about a 'computer problem' I was supposed to have.
Same message, sender isunadulteredf262@merketmindful2.com
Unfortunately, I clicked on the link. What should I do now?
Post a Comment