Thursday, 26 March 2015

I have attached my resume My

I have attached my resume email with an attached My file containing a ,js file.

Subject: Al Hurst - My resume
Subject: Denver Norman - My resume
Subject: Emmett Cox - My resume
Subject: Freddie Lara - My resume
Subject: Isidro Hayden - My resume
Subject: Romeo Mayo - My resume
Subject: Van Mcknight - My resume
Message body:
Hi, my name is{random}
My resume is attached for your consideration


There's a Zip file attached to the email:
Al Hurst - My
Denver Norman - My
Emmett Cox - My
Freddie Lara - My
Isidro Hayden - My
Marty Barker - My
Romeo Mayo - My
Van Mcknight - My

Inside the Zip file is an .JS file (JavaScript):
{random} - My resume.js
Sha256 Hashes (one example)
 5f199d4789c5f96effddd1476c911a765455acbab723a1ac7b72e9ef715bb710   [1]

Malware Anti-Virus Reports (one example)
VirusTotal Report [1] (hits 5/57 Virus Scanners)
Malwr Report [1]


1 comment:

Strongground said...

This scam/malware lives a second life: this time contains a folder with thumbs.db and manipulated my_reume.svg which loads from I didn't dare to download the file up to now... have no VM available right now.