Dynamoo's Blog: Malware spam: "This is your Remittance Advice #CCI36306" / "Violet Garner [Jodi.1d@ip-35-29-71-77.bgwan.com]" / "Saint Gobain UK"

Thursday, 19 February 2015

Malware spam: "This is your Remittance Advice #CCI36306" / "Violet Garner [Jodi.1d@ip-35-29-71-77.bgwan.com]" / "Saint Gobain UK"

This fake financial email does not come from Saint Gobain UK but is instead a forgery with a malicous attachment.

From:    Violet Garner [Jodi.1d@ip-35-29-71-77.bgwan.com]
Date:    19 February 2015 at 11:25
Subject:    This is your Remittance Advice #CCI36306

DO NOT REPLY TO THIS EMAIL ADDRESS

Please find attached your remittance advice from Saint Gobain UK.
For any queries relating to this remittance please notify the Payment Enquiry Team on 01484946582

Regards,
SGBD National Payments Centre

I have seen two different versions of the malicious attachment CCI36306.xls, one of which is functionally identical to this one, the other one downloads a file from:

http://hummel-29.de/js/bin.exe

This malicious binary is the same one as used in two other spam runs today [1] [2].

Dynamoo's Blog

Link List

Sponsored by..

Thursday, 19 February 2015

Malware spam: "This is your Remittance Advice #CCI36306" / "Violet Garner [Jodi.1d@ip-35-29-71-77.bgwan.com]" / "Saint Gobain UK"

No comments: