Date: Thu, 24 Apr 2014 12:80:56 GMT [08:08:00 EDT]The mail headers in the email have been faked to make it look like it originated inside the victim's own internal network. Attached to the email is an archive file Balance-Sheet.zip which in turn contains a malicious executable Balance-Sheet.exe which has a VirusTotal detection rate of just 3/51.
From: Admin@victimdomain
Subject: FW: Balance Scheet
Please save the attached file to your hard drive before deleting this message. Thank you.
Automated analysis tools [1] [2] [3] show an attempted download from the following locations:
[donotclick]tmupi.com/media/images/icons/team/Targ-2404USm.tar
[donotclick]altpowerpro.com/images/stories/highslide/Targ-2404USm.tar
1 comment:
My company is also getting hit with this spam as well; thanks for the documentation!
Post a Comment