Sanesecurity ClamAV blog: zero hour malware, phishing and scams: wydrukujesz dokument-Word-Formation.zip incoming malware

Tuesday, 17 March 2015

wydrukujesz dokument-Word-Formation.zip incoming malware

Headers:

Subject: wydrukujesz

Message body:

N/A

There's a Zip file attached to the email:

dokument-Word-Formation.zip

Inside the Zip file is a PIF file (Note: the double extension trick: dangerous executable:

dokument-Word-Formation.docx.sig.exe

Sha256 Hashes:

98136338031e065e58e3bd23866f6a0a700d578244dbb0213759ed9109fcd89d [1]

Malware Information:

VirusTotal Report [1] (hits 0/56 Virus Scanners)

Malwr Report [1]

Hybrid Analysis Report [1]

Cheers,

Steve
Sanesecurity.com

Sanesecurity ClamAV blog: zero hour malware, phishing and scams