Headers:
From: "Phoenix" {phoenix@pnjinternational.com}
Subject: Please
Message body:
Good Afternoon,
Please find attached notice regarding carriers pre-filing for an
additional General Rate Increase for effective date of April 9, 2015.
Please note, we are advising you of this filing in order to comply with
FMC regulations. However, we feel it is unlikely that the carriers will
be successful in implementing this increase, especially since the March
9th GRI has already been postponed to March 17th. We will continue to
keep you updated as we receive additional information pertaining to
these filed rate increases.
Phoenix Zhang-Shin
Director
P & J International Ltd
Calverley House, 55 Calverley Road
Tunbridge Wells, Kent, UK TN1 2TU
Tel: 0044 1892 525588
Fax: 0044 1892 522277
Mob: 0044 7771802252
This email and any attachments are confidential and solely for the use
of the intended recipient. They may contain material protected by legal,
professional or other privilege. All correspondence with and
communication with us is governed by and subject to our Standard Terms
and Conditions of Sale (March 2010) (Our STCs), a copy of which has been
provided to you and which is available on request or on our web-site.
Acknowledging receipt of and replying to this email constitutes
acceptance of our STCs.
Attached is a Zip file:
Inside the Zip is a Windows Executable:
documents-id323.zip
documents-id323.exe
Sha256 Hashes:
5a1467e9341ca5cf295fd84d76fcc38f7faccd573dbe6e872149eee64d26a9dc [1]
Malware Information:
Description:
VirusTotal Report [1] (hits 3/57 Virus Scanners)
Malwr Report [1]
Hybrid Analysis Report [1]
The malware in the zip is
Dyre, is Zeus-like banking Trojan, which is trying to capture as much information about your online banking details as possible.
It's also being used to then send out the same malware to everyone else by using your own copy of outlook and your bandwidth.
Cheers,
Steve
Sanesecurity.com
2 comments:
I work for an insurance rating company and received this email. I gotta say that despite it having all of the signs that it is spam, it was awfully well-targeted. Deleted.
I work for a law firm and received this message, which was not well targeted as it would not apply to our work. glad for this site, as I figured it wasn't a friendly email.
Post a Comment