Date: Fri, 15 Nov 2013 12:05:36 -0500 [12:05:36 EST]
From: RingCentral [notify-us@ringcentral.com]
Subject: New Fax Message on 11/15/2013 at 09:51:51 CST
You Have a New Fax Message
From
Bank of America
Received:
11/15/2013 at 09:51:51 CST
Pages:
5
To view this message, please open the attachment.
Thank you for using Ring Central .
There is an attachment 442074293440-1116-084755-242.zip which unzips into a malicious exectuable 442074293440-1116-084755-242.exe which has a VirusTotal detection rate of 11/47. Automated analysis tools [1] [2] show an attempted connection to aspenhonda.com on 199.167.40.33 (FAM Info Systems / ServInt, US). The domain in question has been hacked, it is not possible to tell if the entire server is compromised but there are other legitimate sites on that box.
No comments:
Post a Comment