IMPORTANT - Confidential documents | gov.uk CASE_ email with a zip attachment
Headers: (Note: From name is random)
From: "Dionne Bullard" {noreply@gov.uk}
Subject: IMPORTANT - Confidential documents
Message body: (Note: name is random)

Company Documents
To: steveb@x
Case: C0215942

Please scan attached document and fax it to +44 (0)303 1234 055.

All web filed documents (with the exception of downloaded accounts templates) are available to view / download for 10 days after their original submission. Once accepted, these changes will be displayed on the public record. Not yet filing your accounts online? See how easy it is... For enquiries, please telephone the Service Desk on +44 (0)303 1234 819 or email enquiries@gov.uk This email was sent from a notification-only email address which cannot accept incoming mail. Please do not reply directly to this message.

Yours faithfully
Dionne Bullard Senior Manager Companies House
Dionne.Bullard@gov.uk

Calls may be monitored or recorded in case we need to check we have carried out your instructions correctly and to help improve our quality of service.
©2014 Companies House. All rights reserved.

Attached is a Zip file:
Inside the Zip is a Windows Executable:
Sha256 Hashes:
042e9e1be74fcd23d72860a01374f531bd5e5f0c20ddf992aef97572a1b66d6d [1]

Malware Information:
VirusTotal Report [1] (hits 2/57 Virus Scanners)
Malwr Report [1]
Hybrid Analysis Report [1]

Description:
The malware in the zip is a trojan downloader largely referred to as Upatre.
This downloader will then probably download its partner in crime, Dyre.
Dyre is a Zeus-like banking Trojan that tries to capture as much information about your online banking details as possible.
It's also being used to then send out the same malware to everyone else by using your own copy of Outlook and your bandwidth.

Cheers,
Steve
Sanesecurity.com
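
A defender-side check for the attachment pattern described in this post (a zip whose content is a Windows executable), added here as an example and not part of the original post: it inspects zip members by content, hashes them, and compares them against the SHA-256 listed above. The function names, the size cap and the in-memory sample zip are assumptions constructed for illustration.

```python
import hashlib
import io
import struct
import zipfile

# SHA-256 the post lists for the executable inside the zip.
KNOWN_BAD_SHA256 = {"042e9e1be74fcd23d72860a01374f531bd5e5f0c20ddf992aef97572a1b66d6d"}
MAX_MEMBER_BYTES = 20 * 1024 * 1024  # assumed cap on how much is unpacked per member

def is_pe(data):
    """True if data has a DOS 'MZ' header whose e_lfanew field points at 'PE\\0\\0'."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return False
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    return data[e_lfanew:e_lfanew + 4] == b"PE\x00\x00"

def triage_zip(raw):
    """Classify every zip member by content, never by file name or extension."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(raw)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            entry = {"name": info.filename, "sha256": None, "is_pe": False, "known_bad": False}
            # Encrypted or oversized members cannot be inspected: record that, do not skip.
            entry["uninspected"] = bool(info.flag_bits & 0x1) or info.file_size > MAX_MEMBER_BYTES
            if not entry["uninspected"]:
                data = zf.read(info)
                entry["sha256"] = hashlib.sha256(data).hexdigest()
                entry["is_pe"] = is_pe(data)
                entry["known_bad"] = entry["sha256"] in KNOWN_BAD_SHA256
            findings.append(entry)
    return findings

def should_quarantine(raw):
    """Hold the mail if any member is a PE, a known hash, or could not be inspected."""
    return any(f["is_pe"] or f["known_bad"] or f["uninspected"] for f in triage_zip(raw))

def build_constructed_zip(with_pe):
    """Constructed sample input: a harmless stub carrying only the PE magic bytes."""
    stub = b"MZ" + b"\x00" * 0x3A + struct.pack("<I", 0x40) + b"PE\x00\x00"
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("constructed_notes.txt", "constructed sample text")
        if with_pe:
            zf.writestr("constructed_sample.dat", stub)  # name gives no hint; content does
    return buf.getvalue()
```

Matching on the hash alone only catches this exact sample (the report above shows 2/57 scanner hits), which is why the content check for an executable inside the archive carries most of the weight.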
1 comment:
Got the same type of email today, and your post is very helpful to me.
Thanks!!