Sponsored by..

Wednesday 27 August 2014

"Customer Statements" malware spam

This brief spam has a malicious PDF attachment:

Fom:     Accounts [hiqfrancistown910@gmail.com]
Date:     27 August 2014 09:51
Subject:     Customer Statements

Good morning,attached is your statement.
My regards.

Attached is a file Customer Statements.PDF which has a VirusTotal detection rate of 6/55. Analysis is pending.


Jan said...

Looking over several hundred of these in logs, all used the pattern
hiqfrancistown + 3 numbers + @gmail.com as the sender.

MB said...

Hi is it possible to get the pdf files?

Unknown said...

We saw this same campaign today. Also saw a recon event yesterday where many people received emails with varied literature but no links or attachments. The same people received the .pdf email today.

MB said...

arrived, thx

Jan said...

@Kari Kuehneman
Same recon event a day earlier.

Can't confirm if the targets match up nicely here though.

Could have just been their first try was broken and didn't include a payload, which happens also.