This fake CareerBuilder email has a malicious attachment containing malware.Date: Tue, 23 Apr 2013 11:13:54 -0700 [14:13:54 EDT]
From: CareerBuilder [Herman_Gallagher@careerbuilder.com]
Subject: CareerBuilder Notification
Hello,
I am a customer service employee at CareerBuilder. I found a vacant position that you may be interested in based on information from your resume or a recent online submission you made on our site.
You can review the position on the CareerBuilder by downloading the attached PDF file.
Attached file is scanned in PDF format.
Adobe(R)Reader(R) can be downloaded from the following URL: http://www.adobe.com
Best wishes in your job search !
Hal_Shields
Careerbuilder Customer Service Team
CareerBuilder ,5550-A Peachtree Parkway , Norcross, GA 30092
The attachment CB_Offer_04232013_8817391.zip contains a file called CB_Offer_04232013_8817391.exe with an icon designed to look like a PDF file. Note that the date is encoded into the file and future variants will have a different filename.
VirusTotal detections are patchy at 18/46. I'm still waiting for some sort of analysis..
| MD5 | 924310716fee707db1ea019c3b4eca56 |
| SHA1 | 2d0d9c7da13f9ec9e4f49918ae99e9f17505a9cd |
| SHA256 | e66a9c463e3f4eb4ca2994a29ec34e0a021ff2541f6a9647dfd3b9131ba38dd5 |
No comments:
Post a Comment