Date: Tue, 20 May 2014 09:20:53 +0100 [04:20:53 EDT]
From: Sage [Wilbur.Contreras@sage-mail.com]
Subject: FW: Invoice_6895366
Please see attached copy of the original invoice (Invoice_6895366).
Attached is an archive file Invoice6895366.zip which in turn contains a malicious executable Invoice200522014.scr which has a VirusTotal detection rate of 8/52.
The Malwr analysis shows that it then goes on to download further components from [donotclick]protecca.com/fonts/2005UKdp.zip some of which are:
- esli.exe (VT 6/52, Malwr report)
- uptoday.exe (VT 7/52, Malwr report)
- upsec.exe (VT 9/51, Malwr report)
No comments:
Post a Comment