Date: Wed, 14 May 2014 11:56:34 -0500 [12:56:34 EDT]
From: Nola Painter [Nola.Painter@citibank.com]
Subject: FW: Important - Commercial Form
citibank.com
Commercial Banking Form
To: [redacted]
Case: C1957115
Please scan attached document and fax it to +1 800-285-1110 .
All web filed documents (with the exception of downloaded accounts templates) are available to view / download for 10 days after their original submission. Once accepted, these changes will be displayed on the public record. Not yet filing your accounts online? See how easy it is... For enquiries, please telephone the Service Desk on +1 800-285-4794 or email enquiries@citibank.com. This email was sent from a notification-only email address which cannot accept incoming mail. Please do not reply directly to this message. .
Yours faithfully
Nola Painter
Commercial Banking
Citibank N.A
Nola.Painter@citibank.com
Copyright © 2014 Citigroup Inc.
Citibank
Other senders spotted include:
Lavonne Bermudez [Lavonne.Bermudez@citibank.com]
Gabriel Britton [Gabriel.Britton@citibank.com]
Attached to the message is an archive file CommercialForm.zip which in turn contains a malicious executable CommercialForm.exe which has a VirusTotal detection rate of 19/52. Automated analysis tools [1] [2] [3] show that it downloads an encrypted file from [donotclick]desktopcrafts.com/wp-content/uploads/2014/05/Targ-1405USdp.enc although what that does is currently unclear.
No comments:
Post a Comment