Sponsored by..

Wednesday 23 December 2015

Malware spam: "UKSM Invoice 70146427" / "uksafetymanagement.co.uk"

This fake financial spam comes with a malicious attachment. It does not come from uksafetymanagement.co.uk but is instead a simple forgery.
From:    Claire Carey
Date:    23 December 2015 at 12:01
Subject:    UKSM Invoice 70146427

Good time of day,

Thank you for choosing UK Safety Management Ltd. to carry out your Portable Appliance Testing.

Please find enclosed your invoice.

Claire Carey
The sender's name and reference number are randomly generated. Attached is a file in the format invoice29111658.doc which comes in at least three different versions (VirusTotal results [1] [2] [3]).

Analysis of the documents is pending. However, this is likely to be the Dridex banking trojan.

The payload appears to be the same as the one found in this spam run.

No comments: