Sanesecurity ClamAV blog: zero hour malware, phishing and scams: TOWN OF MT PLEASANT EFT Notification cabarruscounty

Tuesday, 24 February 2015

TOWN OF MT PLEASANT, here is your EFT Notification cabarruscounty emails being spammed...

Headers:

From: {finance_ap@cabarruscounty.us}
Subject: TOWN OF MT PLEASANT, here is your EFT Notification

Message body:

live-842000_12-17-2014-PE-E.pdf

There's a Zip file attached to the email:

live-842000_12-17-2014-PE-E.zip

Inside the Zip file is a Windows executable:

live-842000_12-17-2014-PE-E.exe

Md5 Hashes:

7e2b202f422ce83cfbd1c153906289a0 [1]

Malware Information:

VirusTotal Report [1] (hits 5/57 Virus Scanners)

Malwr Report [1]

Hybrid Analysis Report [1]

Cheers,

Steve
Sanesecurity.com

Deegital said...: Thanks Steve for your information. I received this message today with the zip file included.

Regards,; 24 February 2015 at 16:37
Anonymous said...: Thanks for the info. I received this virus email today and also the email "efax message from pots modem 2".
Guess sending zip file attachments is the new thing.; 25 February 2015 at 18:12

Sanesecurity ClamAV blog: zero hour malware, phishing and scams