Wednesday, 25 March 2015

Citi Merchant Services statements CTS Holdings, LLC

Citi Merchant Services statements CTS Holdings, LLC emails with a zip attachment.

Headers:
From: user {noreply@efsnb-archive.com}
Subject: Citi Merchant Services statements - 85966058-8421
Message body:
Attached is your Merchant Statement.  It is secured so that only an authorized
recipient can open it.  To open, click on the attachment.

In order to view the attached PDF file, you need Adobe Acrobat Reader Version 8.0
installed.

Click on the following link:
to complete a
free install or re-install if you have an older version.

Visit Microsoft's selfhelp website at www.microsoft.com or contact your ISP if you do not
receive the attachment.

Delivering your statements directly to your desktop is just one
more way we've increased the speed of business.  Thanks again for
choosing CTS Holdings, LLC as your merchant processor.  CTS Holdings, LLC,
you can count on us!

This is a post-only mailing. Please do not respond.  To change
preferences please contact Customer Service at 1-800-238-7675.

There's a Zip file attached to the email:
g{BtQi5m.zip"

Inside the Zip file is an exe file:
Merchant.exe
Sha256 Hashes:
a003f8cedb6b5657883347626c9274bbbb5425ab46054045279c92edb44da240  [1]

Malware Anti-Virus Reports:
VirusTotal Report: [1] (hits 10/56 Virus Scanners)
Malwr Report: [1]
Hybrid Analysis Report: [1]


Cheers,

Steve
Sanesecurity.com

2 comments:

Anonymous said...

Received same today..... Thank you for your post.

Anonymous said...

Same here received it 3/25/2015 @ 8:23am EST. thank you for the post.