This fake Amazon spam has a malicious attachment:
Date: Tue, 10 Dec 2013 11:19:03 +0200 [04:19:03 EST]
From: blackjacksxjt@yahoo.com
Subject: order #822-8266277-7103199
Good evening,
Thank you for your order. We�ll let you know once your item(s) have
dispatched.You can check the status of your order or make changes to it
by visiting Your Orders on Amazon.co.uk.
|
|
Order Details
|
|
Order #481-0295978-7625805
Placed on December 8, 2013
Order details and invoice in attached file. |
|
|
|
Need to make changes to your order? Visit our Help page for more information and video guides.
|
|
|
|
We hope to see you again soon.
Amazon.co.uk
|
|
Attached is an archive file
AM-ORDER-65HNA1972.zip (VirusTotal detections
9/47) which in turn contains a malicious executable
AM-ORDER-65HNA1972.exe (VirusTotal detections
9/49) which has an icon to make it look like some sort of document.
Automated analysis tools seem to be timing out
[1] [2] indicating perhaps that it has been hardened against sandbox analysis.
1 comment:
Received this scam today at 01.00. The scam was obvious - particularly since I don't have any current orders with Amazon.Nevertheless I am grateful that I use Linux, which wouldn't run a .exe file.
Post a Comment