Headers:
From: "email.invoice" {email.invoice@yarde.com}
Subject: Yarde Metals Invoice
Message body:
Thank you for your order. Attached is your original invoice. If you would like to pay for your order with a wire transfer please contact Angela Palmer at 860-406-6311 for bank details. Friendly reminder: Yarde Metals terms are 1/2% 10, Net 30. We appreciate your prompt payment.
There's a Zip file attached to the email:
{xo1gd3E:.zip
Inside the Zip file is a Windows Executable file:
SHA256 Hashes (one example)
221324.exe
6e22d47c76efa1c5d2c957a64be877a9901ae188b51a67ea84f382dfb7b9d941 [1]
Malware Anti-Virus Reports (one example)
VirusTotal Report [1] (hits 3/57 Virus Scanners)
Malwr Report [1]
Hybrid Analysis Report [1]
Cheers,
Steve
Sanesecurity.com
2 comments:
Thank you. I was wondering if I should open it. We purchase things for the farm and it could have been legit.
Thanks for this. Just received an identical email like this.
L