Date: Tue, 15 Apr 2014 19:40:23 +0800 [07:40:23 EDT]Attached is a file Statement.zip which contains a malicious executable Statement.scr which has a VirusTotal detection rate of 9/51. Automated analysis tools [1] [2] [3] show an attempted download from the following locations:
From: "Sky.com" [statement@sky.com]
Subject: Statement of account
Afternoon,
Please find attached the statement of account.
We look forward to receiving payment for the February invoice as this is now due for
payment.
Regards,
Kathy
This email, including attachments, is private and confidential. If you have received this
email in error please notify the sender and delete it from your system. Emails are not
secure and may contain viruses. No liability can be accepted for viruses that might be
transferred by this email or any attachment. Wilson McKendrick LLP Solicitors, Queens
House, 29 St. Vincent Place, Glasgow G1 2DT Registered in Scotland No. SO303162. Members:
Mark Wilson LLB Dip. NP LP Allan T. McKendrick LLB Dip. LP NP.
[donotclick]pelicansea.com/css/1504UKd.zip
[donotclick]twinest.com/images/1504UKd.zip
A number of other IPs are contacted as well, indicating this this is P2P/Gameover Zeus.
No comments:
Post a Comment