Amazon3

Amazon

Friday, 6 March 2015

Your online Gateway.gov.uk Submission malware

Your online Gateway.gov.uk Submission malware

Headers:
From: "Gateway.gov.uk" {iyks@blessedbethyname.com}
Subject: Your online Gateway.gov.uk Submission
Message body:
Government Gateway logo

Electronic Submission Gateway


Thank you for your submission for the Government Gateway.
The Government Gateway is the UK's centralized registration service for e-Government services.

To view/download your form to the Government Gateway please visit http://www.gateway.gov.uk/

This is an automatically generated email. Please do not reply as the email address is not
monitored for received mail.
gov.uk - the best place to find government services and information - Opens in new window

The best place to find government services and information











The link inside the email downloads Zip file:






https://www.cubbyusercontent.com/pl/secure.message_ACNO%23371.zip/_33ea06bfb8bf41d387ce4b30f9fde2c2





Zip is called:






secure.message_ACNO#371.zip







Inside the Zip file is a Windows executable:






secure.message_ACNO#371.exe





Sha256 Hashes:






d32b3101ed671c91c71a85946fbbfc8027108b0e82713a427c6f99560e2a4c89  [1]









Malware Information:






VirusTotal Report [1] (hits 1/57 Virus Scanners)



Malwr Report [1]



Hybrid Analysis Report [1] 

Warning: Code classification distribution is known to appear in malware 
Details:    TrID distribution is very similar to the "CTB-Locker" family 

SHA256: cbba56bd16222191f1468a1d93b63945394371cfb9ffe38f34a9575c5655e57a)
source Based on TrID evaluation







Cheers,



Steve

Sanesecurity.com 








Posted by



at












































No comments:











Post a Comment







        

      









Subscribe to:
Post Comments (Atom)