Thursday, 26 March 2015

Yarde Metals Invoice email.invoice

An email with the subject "Yarde Metals Invoice", sent as "email.invoice", arrives with a zip attachment...

Headers:
From: "email.invoice" {email.invoice@yarde.com}
Subject: Yarde Metals Invoice

Message body:
Thank you for your order.

Attached is your original invoice. If you would
like to pay for
your order with a wire transfer please contact Angela Palmer

at 860-406-6311 for bank details.

Friendly reminder:
Yarde Metals terms
are 1/2% 10, Net 30. We appreciate your prompt payment.

There's a Zip file attached to the email:
{xo1gd3E:.zip

Inside the Zip file is a Windows Executable file:
221324.exe

SHA256 hashes (one example):
6e22d47c76efa1c5d2c957a64be877a9901ae188b51a67ea84f382dfb7b9d941   [1]

Malware Anti-Virus Reports (one example)
VirusTotal Report [1] (hits 3/57 Virus Scanners)
Malwr Report [1]
Hybrid Analysis Report [1]
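
A mail-gateway style check for this pattern (a zip attachment containing a Windows executable), added here as an example and not part of the original post: it opens each zip attachment, flags members by extension or by the PE "MZ" magic, and compares their SHA-256 against the hash listed above. The attachment name `invoice.zip`, the extension list, the size limit and the harmless stub payload are constructed assumptions.

```python
import email, hashlib, io, zipfile
from email import policy
from email.message import EmailMessage

# SHA-256 published in the post for the one analysed sample.
KNOWN_SHA256 = {"6e22d47c76efa1c5d2c957a64be877a9901ae188b51a67ea84f382dfb7b9d941"}
EXEC_EXTS = (".exe", ".scr", ".pif", ".com")  # assumed blocklist, extend as needed
MAX_MEMBER = 20 * 1024 * 1024                 # assumed cap: skip oversized members

def find_executables(raw_eml: bytes):
    """Return (attachment, member, sha256, known_bad) for executables in zip attachments."""
    msg = email.message_from_bytes(raw_eml, policy=policy.default)
    hits = []
    for part in msg.iter_attachments():
        data = part.get_payload(decode=True) or b""
        if not zipfile.is_zipfile(io.BytesIO(data)):
            continue
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            for info in zf.infolist():
                if info.is_dir() or info.file_size > MAX_MEMBER:
                    continue
                try:
                    body = zf.read(info)
                except (RuntimeError, NotImplementedError, zipfile.BadZipFile):
                    continue  # encrypted, unsupported or corrupt member: not inspectable here
                # Flag on extension OR on the PE "MZ" magic, so renamed files are caught too.
                if info.filename.lower().endswith(EXEC_EXTS) or body[:2] == b"MZ":
                    digest = hashlib.sha256(body).hexdigest()
                    hits.append((part.get_filename(), info.filename,
                                 digest, digest in KNOWN_SHA256))
    return hits

def build_sample(member: str = "221324.exe") -> bytes:
    """Constructed test message: a harmless 64-byte 'MZ' stub zipped and attached."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(member, b"MZ" + b"\x00" * 62)  # constructed bytes, not the real sample
    msg = EmailMessage()
    msg["From"] = "email.invoice@yarde.com"
    msg["Subject"] = "Yarde Metals Invoice"
    msg.set_content("Thank you for your order.")
    msg.add_attachment(buf.getvalue(), maintype="application",
                       subtype="zip", filename="invoice.zip")  # constructed name
    return msg.as_bytes()

if __name__ == "__main__":
    for hit in find_executables(build_sample()):
        print(hit)
```

The constructed stub will not match the published hash; a hit with `known_bad` set to `False` still means an executable was delivered inside a zip, which is reason enough to quarantine.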

Cheers,
Steve
Sanesecurity.com

2 comments:

Anonymous said...

Thank you. I was wondering if I should open it. We purchase things for the farm and it could have been legit.

Anonymous said...

Thanks for this. Just received an identical email like this.
