We've seen spam like this
before. It comes with a malicious attachment.
Date: Thu, 10 Jul 2014 00:09:28 -0700 [03:09:28 EDT]
From: "PGS Global Express Co, Ltd." [pgsglobal1960@gmail.com]
Subject: Re TT PAYMENT COPY
ATTN:
Good day sir,here is the copy of the transfer slip ,kindly find the attach copy and please check with your bank to confirm the receipt of the payment and do the needful by dispatching the material as early as possible.
We hope you will do the needful and let us know the dispatch details.
(purchase) Manager.
------sent from my iphone5s-------
It comes with an attachment
TT PAYMENT COPY.ZIP containing the malicious executable
TT PAYMENT COPY.exe which has a VirusTotal detection rate of
19/54.
According to Malwr this appears to be a self-extractive archive file which then drops (inter alia) a file
iyKwmsYRtDlN.com which has a very low detection rate of
1/52. It isn't clear what this file does according to the
report.
No comments:
Post a Comment