Wednesday, 4 March 2015

Tracking Number UPS Ship Notification

UPS Ship Notification, Tracking Number 1Z06E18A684012186 malware....

Headers:
From: "UPS" {no-replay@upsi.com}
Subject: UPS Ship Notification, Tracking Number 1Z06E18A684012186

Message body:

This message was sent to you at the request of BARNES & MULLINS to notify you that the electronic shipment information below has been transmitted to UPS. The physical package(s) may or may not have actually been tendered to UPS for shipment. Additional information in the attachment.
Important Delivery Information

Scheduled Delivery: 04-march-2015
Shipment Detail


Number of Packages: 1
UPS Service: STANDARD
Weight: 5,0 KGS
Tracking Number: 1Z06E18A6840121864
Invoice Number: 323093 STAN
Reference Number 2: DEL TO C'NEE ADD WITH SIG ONLY

Attached is a Zip file:
Details.zip

Inside the Zip attachment is a Windows Executable:
Details.exe

Sha256 Hash:
 3d68d1d5e8d2207dbf340d383938cbc4d61f69b2dd526889a5f7041c6c5b38a4   [1]

Malware Information:

VirusTotal Report [1] (hits 7/57 Virus Scanners)
Malwr Report [1]
Hybrid Analysis Report [1


Cheers,

Steve
Sanesecurity.com

2 comments:

Anonymous said...

Yeah I just received this one today, exactly the same. I am getting this kind of stuff every couple of days, stating different companies etc but all wanting me to open an attachment or download something.

Anonymous said...

Also just got one after sending a package through UPS. How do they know? what a waste of time