Sanesecurity ClamAV blog: zero hour malware, phishing and scams: Yarde Metals Invoice email.invoice

Thursday, 26 March 2015

Yarde Metals Invoice email.invoice

Yarde Metals Invoice email.invoice email with a zip attachment...

Headers:

From: "email.invoice" {email.invoice@yarde.com}
Subject: Yarde Metals Invoice

Message body:

Thank you for your order.

Attached is your original invoice. If you would
like to pay for
your order with a wire transfer please contact Angela Palmer

at 860-406-6311 for bank details.

Friendly reminder:
Yarde Metals terms
are 1/2% 10, Net 30. We appreciate your prompt payment.

There's a Zip file attached to the email:

{xo1gd3E:.zip

Inside the Zip file is a Windows Executable file:

221324.exe

Sha256 Hashes (one example)

6e22d47c76efa1c5d2c957a64be877a9901ae188b51a67ea84f382dfb7b9d941 [1]

Malware Anti-Virus Reports (one example)

VirusTotal Report [1] (hits 3/57 Virus Scanners)
Malwr Report [1]
Hybrid Analysis Report [1]

Cheers,
Steve
Sanesecurity.com

2 comments:

Anonymous said...: Thank you. I was wondering if I should open it. We purchase things for the farm and it could have been legit.; 28 March 2015 at 00:17
Anonymous said...: Thanks for this. Just received an identical email like this.

L; 30 March 2015 at 19:11

Sanesecurity ClamAV blog: zero hour malware, phishing and scams

Amazon3

Pages

Amazon

Thursday, 26 March 2015

Yarde Metals Invoice email.invoice

2 comments: