email with a zip attachment...
Headers:
Message body:
Message id: snwjrP_769035.
Sent date: Wed, 01 Apr 2015 10:21:45 +0100.
There's a Zip file attached to the email:
Inside the Zip file is a Windows Executable file:
Sha256 Hashes:
8588df376e110cc493c03db784c750c2210d7f83c8afe08fff96659c37f2a6b9 [1]
Malware Anti-Virus Reports:
VirusTotal Report [1] (hits 2/57 Virus Scanners) (Upatre)
Malwr Report [1]
Hybrid Analysis Report [1]
The malware in the zip is a trojan downloader largely referred to as Upatre.
This downloader will then probably download its partner in crime, Dyre.
Dyre is a Zeus-like banking Trojan that tries to capture as much information about your online banking details as possible.
It's also being used to then send out the same malware to everyone else
by using your own copy of Outlook and your bandwidth.
Cheers,
Steve
Sanesecurity.com
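
A defender-side triage of an attachment like the one described above, as an added example that is not part of the original post: it inspects a zip in memory, flags members that begin with the Windows `MZ` executable header, and compares each member's SHA-256 with the hash listed above. The sample archive, its file names and the 20 MB size limit are constructed for illustration.

```python
import hashlib
import io
import zipfile

# SHA-256 listed in the post for the executable inside the zip.
KNOWN_SHA256 = {
    "8588df376e110cc493c03db784c750c2210d7f83c8afe08fff96659c37f2a6b9",
}
MAX_MEMBER_BYTES = 20 * 1024 * 1024  # assumed limit: skip oversized members


def triage_zip(data, known=KNOWN_SHA256):
    """Inspect a zip attachment in memory; nothing is written to disk or run."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            if info.flag_bits & 0x1:  # bit 0 set: member is password-protected
                findings.append({"name": info.filename, "verdict": "encrypted"})
                continue
            if info.file_size > MAX_MEMBER_BYTES:
                findings.append({"name": info.filename, "verdict": "too-large"})
                continue
            body = zf.read(info)
            digest = hashlib.sha256(body).hexdigest()
            is_pe = body[:2] == b"MZ"  # DOS/PE header, whatever the extension
            if digest in known:
                verdict = "known-bad"
            elif is_pe:
                verdict = "executable"
            else:
                verdict = "other"
            findings.append({"name": info.filename, "sha256": digest,
                             "is_pe": is_pe, "verdict": verdict})
    return findings


def build_sample_zip():
    """Constructed, harmless sample: a 64-byte MZ stub and a text file."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("sample.exe", b"MZ" + b"\x00" * 62)
        zf.writestr("notes.txt", b"constructed sample text\n")
    return buf.getvalue()


if __name__ == "__main__":
    for finding in triage_zip(build_sample_zip()):
        print(finding)
```

A single listed hash only matches that exact file, so the `MZ` check is what catches a repacked executable whose hash is not yet known.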
4 comments:
thank you just got an email like that
Thanks, I looked here before opening, am now deleting!
What do we do if someone opened the zip file?
I'm a techie at fax.co.uk.
Yesterday there was some kind of spam attack with a malicious payload - we received over 3 million of them on our servers.
The attack did not originate from us.