Sanesecurity ClamAV blog: zero hour malware, phishing and scams: Aomame Insurance Team Policy No: user

Tuesday, 31 March 2015

Aomame Insurance Team Policy No: user

Aomame Insurance Team Policy No: user email with a zip attachment...

Headers:

From: user {office@aomame.com}
Subject: Policy No: n7CRtsuf

Message body:

Dear Mrs.

Please find attached a communication in respect of policy n7CRtsuf from
Aomame. Please do not reply to this email, as the mailbox is unattended

Kind regards

Your Aomame Insurance Team

There's a Zip file attached to the email:

g6GjD8EyZ.zip

Inside the Zip file is a Windows Executable file:

Reference.exe

Sha256 Hashes:

02eed15f6426ccf31d0aa3fdceb474bed6d01be349a33fa4eb426ea3206c90fd [1]

Malware Anti-Virus Reports (one example)

VirusTotal Report [1] (hits 2/57 Virus Scanners)
Malwr Report [1]
Hybrid Analysis Report [1]

Cheers,
Steve
Sanesecurity.com

4 comments:

Anonymous said...: Thanks!. I just recieved this mail today; 31 March 2015 at 17:43
Anonymous said...: Thanks I just received it today too.; 31 March 2015 at 19:08
Anonymous said...: Very Thanks, I just received it today in Japan too.; 1 April 2015 at 00:25
Anonymous said...: Received yesterday in Chicago. This is the only post about it that I've seen.; 1 April 2015 at 13:48

Sanesecurity ClamAV blog: zero hour malware, phishing and scams

Amazon3

Pages

Amazon

Tuesday, 31 March 2015

Aomame Insurance Team Policy No: user

4 comments: