Date: Mon, 27 Jan 2014 14:24:42 +0100 [08:24:42 EST]
From: "TaxPro_PTIN@irs.gov" [TaxPro_PTIN@irs.gov]
Subject: Your FED TAX payment ( ID : 34KIRS821217111 ) was Rejected
*** PLEASE DO NOT RESPOND TO THIS EMAIL ***
Your federal Tax payment (ID: 34KIRS821217111), recently sent from your checking account was returned by the your financial institution.
For more information, please download notification, using your security PIN 55178.
Transaction Number: 34KIRS821217111
Payment Amount: $ 9712.00
Transaction status: Rejected
ACH Trace Number: 768339074172506
Transaction Type: ACH Debit Payment-DDA
Internal Revenue Service, Metro Plex 1, 8401 Corporate Drive, Suite 300, Landover, MD 20785.
Attached is a file Tax payment.zip which in turn contains a malicious executable Tax payment.exe which has a VirusTotal detection rate of 11/50. Automated analysis by Malwr is inconclusive, other analysis tools are currently down or under DDOS at the moment.
No comments:
Post a Comment