The attachment is VoiceMail.zip with a VirusTotal detection rate of 9/49, which in turn contains a malicious executable VoiceMail.exe with an icon to make it look like an audio file, and this has a also detection rate of 9/49 (but with slightly different detections).
Date: Thu, 19 Dec 2013 08:36:56 -0600 [09:36:56 EST]
From: Voice Mail [noreply@spamcop.net]
Subject: New Voicemail Message
New Voicemail Message
You have been left a 1:02 long message (number 1) in mailbox from "Elfin Cars Sports"
07594434593, on Thursday, December 19, 2013 at 07:20:02 AM
The voicemail message has been attached to this email - which you can play on most
computers.
Please do not reply to this message. This is an automated message which comes from an
unattended mailbox. This information contained within this e-mail is confidential to, and
is for the exclusive use of the addressee(s). If you are not the addressee, then any
distribution, copying or use of this e-mail is prohibited. If received in error, please
advise the sender and delete/destroy it immediately. We accept no liability for any loss
or damage suffered by any person arising from use of this e-mail.
Automated analysis tools [1] [2] show an attempted connection to plantautomation-technology.com on 216.151.164.211 (NJ Tech Solutions, US) and anuudyog.com on 66.7.149.156 (Web Werks, US).
No comments:
Post a Comment