| 2015 PMQ agreement American_Wholesale.zip |
From: {linda@pmq.com}
Subject: 2015 PMQ agreement
Message body:
HI
I have Not received your signed contract for the 2015 ad campaign. If
you would please sign and return.
Thank you Linda
--
Watch our 2015 PMQ Media Kit here:
http://www.pmq.com/2015-PMQ-Media-Kit/ [1]
[2]
Linda Green / Co-Publisher
(662)234-5481 ext 121 / linda.pmq@gmail.com
cell (662)801-5495
PMQ Pizza Magazine Office: 662-234-5481 x121 / Fax: 662-234-0665
605 Edison Street, Oxford, MS 38655
http://www.pmq.com [3]
DON'T FORGET TO RENEW YOUR SUBSCRIPTION TO THE MAGAZINE AT
http://www.pmq.com/Subscribe-PMQ/ [4]
[5] [6] [7] [8] [9] [10] [11]
Attached is a Zip file:
Inside the Zip is a Windows Executable:
American_Wholesale.zip
American_Wholesale.exe
Sha256 Hashes:
ae71d65a32303f1f129292420532be2c907d04a05c1aef9a429ecf487b578681 [1]
Malware Information:
Description:
VirusTotal Report [1] (hits 7/57 Virus Scanners)
Malwr Report [1]
Hybrid Analysis Report [1]
The malware in the zip is
Dyre, is Zeus-like banking Trojan, which is trying to capture as much information about your online banking details as possible.
It's also being used to then send out the same malware to everyone else by using your own copy of outlook and your bandwidth.
Cheers,
Steve
Sanesecurity.com
3 comments:
thanks steve
Ive received this email 3 times in the past hour.
220.79.227.87 originates in Korea
220.79.227.87 IP address location & more:
IP address [?]: 220.79.227.87 [Whois] [Reverse IP]
IP country code: KR
IP address country: ip address flag Korea, Republic of
IP address state: n/a
IP address city: n/a
IP address latitude: 37.5700
IP address longitude: 126.9800
ISP of this IP [?]: Korea Telecom
Organization: Korea Telecom
Post a Comment