From: Claire CareyThe sender's name and reference number are randomly generated. Attached is a file in the format invoice29111658.doc which comes in at least three different versions (VirusTotal results [1] [2] [3]).
Date: 23 December 2015 at 12:01
Subject: UKSM Invoice 70146427
Good time of day,
Thank you for choosing UK Safety Management Ltd. to carry out your Portable Appliance Testing.
Please find enclosed your invoice.
Claire Carey
www.uksafetymanagement.co.uk
Analysis of the documents is pending. However, this is likely to be the Dridex banking trojan.
The payload appears to be the same as the one found in this spam run.
No comments:
Post a Comment