From: Margret KuhicAll the sames I have seen have a corrupt attachment which is Base 64 encoded, it is possible that other people might receive a valid attachment though. The attachment was meant to be 723296788_Marquardt-Bailey_Margret Kuhic.zip containing the malicious executable june_stiedemannmolestiae.et.exe which has a VirusTotal detection rate of 2/56.
Date: 1 September 2015 at 16:10
Subject: Complaint of your Internet activity
This is a complaint notification. Full details attached. Please notify us within 24 hours with taken actions.
Margret Kuhic
Dynamic Communications Agent
T: 1-679-732-5379
F: 100.173.9045
This Hybrid Analysis report shows it to be just another variant of Update / Dyre with the same characteristics as the malspam seen earlier today, sending traffic to an IP that I suggest you block or monitor:
197.149.90.166 (Cobranet, Nigeria)
Some other subjects spotted include:
Complaint notification 50646
Infringement of your Internet activity
Infringement notification 51494
1 comment:
I have received two emails today from Corrine Greenholt with the following message:
This is a complaint notification. Full details attached. Please notify us within 24 hours with taken actions.
Corrine Greenholt
Central Paradigm Technician
T: (855) 975-8147
F: 427.877.5342
and the following attachment:
Untitled Attachment 00232.zip (24 kb)
I haven't opened it because I feared it was a Virus/Malware and it looks like I was right.
Glad I found your post,
Thanks
Robin Gurl
Post a Comment