Sanesecurity ClamAV blog: zero hour malware, phishing and scams: Secure Zip JP Morgan Access Secure Message

Thursday, 26 March 2015

Secure Zip JP Morgan Access Secure Message

JP Morgan Access Secure Message email with a zip attachment...

Headers:

From: "JP Morgan Access" {service@jpmorgan.com}Subject: JP Morgan Access Secure Message

Message body:

Please check attached file(s) for your latest account documents regarding your
online account.

Sara Geiger
Level III Account Management Officer
817-331-1479 office
817-606-1644 cell 
Sara.Geiger@jpmorgan.com
 
Investments in securities and insurance products are:
NOT FDIC-INSURED/NO BANK-GUARANTEES/MAY LOSE VALUE
 
2015 JPMorgan Chase & Co.

There's a Zip file attached to the email:

JP Morgan Access - Secure.zip

Inside the Zip file is a Windows Executable file:

JP Morgan Access - Secure.scr

Sha256 Hashes (one example)

7db0da727b6a2f1b135959aefbc260048c06f2d4ae5faf13ac57c9fe7ad153d5 [1]

Malware Anti-Virus Reports (one example)

VirusTotal Report [1] (hits 5/57 Virus Scanners)
Malwr Report [1]
Hybrid Analysis Report [1]

Cheers,
Steve
Sanesecurity.com

Sanesecurity ClamAV blog: zero hour malware, phishing and scams

Amazon3

Pages

Amazon

Thursday, 26 March 2015

Secure Zip JP Morgan Access Secure Message

No comments: