Interfax Online You have new fax, document 00289305 javascript malware.
Headers:
Subject: You have new fax, document 00289305
Date: Sat, 5 Dec 2015 00:00:56 -0600
From: "Interfax Online" {incoming@interfax.net}
|
Message Body:
| You have received a new fax. You can find your fax document in the attachment. Date: Fri, 4 Dec 2015 20:13:12 +0300 Scan quality: 500 DPI Scanned by: Gabriel Henry Fax name: document-00289305.doc Scanned in: 10 seconds File size: 176 Kb Number of pages: 4 Thanks for choosing Interfax! |
Attachment filename(s):
document-00289305.zip
Name inside File:
document-00289305.doc.js
Sha256 Hashes:
67b263ed8bdf5939eed98d522f56af842666bd02cc1d3d6e6d8c972d5f6f9ca7 [1]
Malware Virus Scanner Report(s):
Sanesecurity Signature detection(s):
foxhole_filename.cdb: Sanesecurity.Foxhole.Zip_docjsnum511
phish.ndb: Sanesecurity.Malware.25884.JsHeur
phish.ndb: Sanesecurity.Malware.25884.JsHeur
Important notes:
It's
also worth remembering that the company itself may not have any
knowledge of this faked email and any link(s) or attachment in the email normally won't have
come from their servers or IT systems but from an external bot net.
These bot-net emails normally have faked email headers/addresses.
It's not advised to ring/email the the company themselves, as there won't really be anything they can do to help you or to stop the emails being spread.
These bot-net emails normally have faked email headers/addresses.
It's not advised to ring/email the the company themselves, as there won't really be anything they can do to help you or to stop the emails being spread.
Cheers,
Steve
No comments:
Post a Comment