Sanesecurity ClamAV blog: zero hour malware, phishing and scams: HI Rob Robichaud Hub City Auto Paints and Supplies Ltd.

Monday, 27 April 2015

HI Rob Robichaud Hub City Auto Paints and Supplies Ltd.

HI Rob Robichaud Hub City Auto Paints and Supplies Ltd. with a malware zip attached...

Headers:

From: {random}
Subject: HI{email address}

Message body:

Hello! Can you please check the Attachment that I have sent? I need your help.

Thanks
Rob Robichaud
Hub City Auto Paints and Supplies Ltd.
A Division of Autochoice Parts & Paints
CSR
153 Loftus St
Moncton, NB
E1E 2N3
Ph: 506-857-8394 ext 115
Cell: 506-381-1123
Fx: 506-858-7893
e-mail: rob.robichaud@hubcityautopaints.com
web: www.hubcityautopaints.com

Attached to the message is a Zip file:

kris- #70533363.zip

Inside the Zip file is a Windows Executable file:

Lmiya.exe
LOG.exe
Reports.exe

Sha256 Hashes:

e7537927352f7598a9afb64ea6bfb4e59936c8bda698720fdc69b290dd9b2241 [1]
4bb405eb9dfe78bf231ef696d6d3a1a87861f53245e0a22b182cb73133a9846e [2]
7b503b38f94671dea8f05aa56ed9b630cbfe1e1ec5a892fc7d2176a3d004dfbb [3]

Anti virus reports:

VirusTotal Report: [1] (Detection 2/57)
VirusTotal Report: [2] (Detection 2/57)
VirusTotal Report: [3] (Detection 2/57)

Cheers,
Steve
Sanesecurity.com

Sanesecurity ClamAV blog: zero hour malware, phishing and scams

Amazon3

Pages

Amazon

Monday, 27 April 2015

HI Rob Robichaud Hub City Auto Paints and Supplies Ltd.

No comments: