Sponsored by..

Friday 15 November 2013

RingCentral "Bank of America" fax message spam / 442074293440-1116-084755-242.zip

This fake fax message email has a malicious attachment:

Date:      Fri, 15 Nov 2013 12:05:36 -0500 [12:05:36 EST]
From:      RingCentral [notify-us@ringcentral.com]
Subject:      New Fax Message on 11/15/2013 at 09:51:51 CST

You Have a New Fax Message

From
Bank of America

Received:
11/15/2013 at 09:51:51 CST

Pages:
5
   
To view this message, please open the attachment.

Thank you for using Ring Central .


There is an attachment 442074293440-1116-084755-242.zip which unzips into a malicious exectuable 442074293440-1116-084755-242.exe which has a VirusTotal detection rate of 11/47. Automated analysis tools [1] [2] show an attempted connection to aspenhonda.com on 199.167.40.33 (FAM Info Systems / ServInt, US). The domain in question has been hacked, it is not possible to tell if the entire server is compromised but there are other legitimate sites on that box.

No comments: