This fake financial spam is meant to have a malicious attachment, but it is corrupt:
From Kelly Pollard [kelly.pollard@carecorner.co.uk]
Date Fri, 15 Jan 2016 13:56:01 +0200
Subject Statement
Your report is attached in DOC format.
Kelly Pollard
Marketing Manager
Tel: 01204 89 54 10 Fax: 01204 89 54 11
[final care corner logo]
The attachment is named
Statement 012016.doc but due to an error in the email it is corrupt, and is either zero length or will produce garbage. If it were to work, it would produce a payload similar to that found
here and
here, namely the Dridex banking trojan. This is the third corrupt Dridex run today. Shame.
6 comments:
I just got this email - it looked kinda legit so was sorely tempted to open it. Thank you for your advice!
my father opend the dokument, it was blank. How can we check if we got infected? he can´t remember if it opend in secured modus. He is pretty sure there was no repair request.
@Mo N - you cannot get infected from this particular spam run sent on this day.
@Conrad
thanks a lot, so I misunderstood and it´s not a trojan? you made my day sir
@Mo N - it *is* a trojan, but they messed it up and it is harmless unless you go through several rather complex steps to recover the entire message, and extract and correct the faulty code.. and then run it :)
I received this on 15/01/2016 8:49 PM sent to my office email. Thanks for this info Conrad
Post a Comment