You have received a voice mail Voicemail Report being spammed.
These emails aren't from these companies at all , they are just being used to make the email look more genuine, ie. from a real company.
Warning: The malware in this email is reported to be downloading cryptowall 3.0
CryptoWall will encrypt your data files so they can no longer be opened. Once your file are encrypted, you will then receive instructions on how to decrypted them by paying money :(
Message Header:
From: "Voicemail Report" {no-reply@voicemail-delivery.com}
To: Subject: You have received a voice mail
Message Body:
You received a voice mail : VOICE473-355-9698.wav (22 KB)
Caller--Id:
473-355-9698
Message--Id: 89X1RK
Email-Id: hp_printer@
Download and extract to listen the message.
We have uploaded
voicemail report.
Please use the following link to download your file:
----
Download voice mail
----
Microsoft Exchange Server |
Link takes you to:
http://contact72.ru/etjj5z/ptlh4.php
The above site downloads a zip file:
http://thimiceramics.com/VOICE8411-263-481.zip
Inside the Zip file is a Windows Executable:
VOICE8411-263-481.scr
Sha256 Hashes:
| 2328d042ec6293a85cf5beb00edd5cc0d8ff7dc5f426fe6f167e98cb87c8b376 [1] |
Malware Macro document information:
VirusTotal Report [1] (hits 5/57 Virus Scanners)
Malwr Report [1]
Hybrid Analysis Report [1] |
Cheers,
Steve
No comments:
Post a Comment