This fake banking spam comes with a malicious attachment:
From donotreply@lloydsbank.co.uk
Date Fri, 18 Sep 2015 11:52:36 +0100
Subject Transaction confirmation
Dear Customer,
Please see attached the confirmation of transaction conducted from Your
account. Kindly sign and forward the copy to us for approval.
Best regards,
Your personal Manager
Thora Blanda
tel: 0345 300 0000
LLOYDS BANK.
Attached is a file
Notice.zip which contains a malicious executable
Value mortgage policy .exe (note the rogue space) which has a VirusTotal detection rate of
3/55. The
Hybrid Analysis report shows activity consistent with Upatre/Dridex including a key indicator of traffic to
197.149.90.166 in Nigeria.
No comments:
Post a Comment