Friday, 6 May 2016
On 01:47 by admin No comments
MX Lab, http://www.mxlab.eu, started to intercept a new malware distribution campaign by email with the subject “Your Amazon.co.uk order has dispatched (#583-6989419-8889556)”.
This email is send from the spoofed address “”Amazon.com” <auto-shipping@amazon.com>” and has no body content in the email. It is clear that this fake email doesn’t originate from Amazon directly.
The attached file invoice84576872.doc is a Word file with malicious macro.
The attached file ORDER-583-6989419-8889556.zip contains the file 4775327493_4421613.js.
The malware is detected as Trojan.Ransom-Locky!8.4655-fi21vws43hB (Cloud) by 3/56 AV engines at Virus Total.
This email is send from the spoofed address “”Amazon.com” <auto-shipping@amazon.com>” and has no body content in the email. It is clear that this fake email doesn’t originate from Amazon directly.
The attached file invoice84576872.doc is a Word file with malicious macro.
The attached file ORDER-583-6989419-8889556.zip contains the file 4775327493_4421613.js.
The malware is detected as Trojan.Ransom-Locky!8.4655-fi21vws43hB (Cloud) by 3/56 AV engines at Virus Total.
Subscribe to:
Post Comments (Atom)
Search
Featured post
27 good hacker documentary
In the eyes of most people, a group of hackers usually extremely boring nothing interesting people, and that if only the computer code in ...

0 comments:
Post a comment