This fake financial spam does not come from
Affordable Car Hire but is instead a simple forgery with a malicious attachment.
From: Reservations [res@affordablecarhire.com]
Date: 15 December 2015 at 11:50
Subject: Invoice for Voucher ACH-2-197701-35
 |
| |
|
|
| Payment Link For BookingACH-2-197701-35 |
| |
| |
| Please find attached your invoice for reservation number ACH-2-197701-35 |
| |
|
|
| This email was sent on 14/12/2015 at 16:25 |
| |
 |
| ACH-2-197701-35-invoice.xls
116K |
|
I have only seen a single sample, with an attachment
ACH-2-197701-35-invoice.xls which has a VirusTotal detection rate of
3/54. According to this Malwr report, it downloads a malicious binary from:
usahamanfaat.com/8iy45323f/i87645y3t23.exe
The payload here is the Dridex banking trojan, and it is identical to the one found in
this spam run.
1 comment:
I opened this attachment, but apparently nothing was downloaded. I tried to scan my pc with Malwarebytes, bitdefender and spyhunter and got only negative reports. Is there anything I could do to be sure that my pc was not infected? Thank you
Post a Comment