Sanesecurity ClamAV blog: zero hour malware, phishing and scams: HSBC Payment e-Advice malware

Friday, 6 March 2015

HSBC Payment e-Advice malware

Headers:

From: "HSBC" {no-replay@hsbc.co.uk}
Subject: HSBC Payment

Message body:

Sir/Madam

Upon your request, attached please find payment e-Advice for your
reference.

HSBC

There's a Zip file attached to the email:

HSBC-2739.zip

Inside the Zip file is a Windows executable:

HSBC-2739.exe

Sha256 Hashes:

4702fdc4487d8d8e657e74d87a3fbc20ca1b433aba29b52891fd83319dc8a209 [1]

Malware Information:

VirusTotal Report [1] (hits 1/57 Virus Scanners)

Malwr Report [1]

Hybrid Analysis Report [1]

Cheers,

Steve
Sanesecurity.com

Sanesecurity ClamAV blog: zero hour malware, phishing and scams