Email “Remittance Advice” Bailey of Bristol contains trojan (http://blog.mxlab.eu/2014/09/05/email-remittance-advice-bailey-of-bristol-contains-trojan/)
MX Lab, http://www.mxlab.eu, started to intercept a new trojan distribution campaign by email with the subject “Remittance Advice”.
This email is sent from spoofed addresses and has the following body:
Remittance Advice from Bailey of Bristol

Dear,

We are making a payment to you. Please find attached a copy of our remittance advice, done on 5/09/2014. If you have any questions regarding the remittance please contact us using the details below.

Kind regards
Sybil Martin
Bailey of Bristol
Tel: 949 906-5058
Fax: 949 820-2704
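The attached ZIP file is named Remittance_F033.zip and contains the 70 kB file Remittance_F033.PDF.scr. The final .scr extension marks a Windows screensaver, which is an executable; the .PDF in the name only makes the file look like a document.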
The trojan is known as HEUR/Malware.QVM19.Gen or Mal/Generic-S.
At the time of writing, 2 of the 55 AV engines detected the trojan at VirusTotal.
Use the VirusTotal permalink for more detailed information.
SHA256: 0468f95e7fde8345215692208e80da2fd8bb6ae288b50425eb39b26004e66ea6
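With only 2 of 55 engines detecting the sample, a name-based check on archive members is a useful second line at the mail gateway. The following is an added example, not MX Lab's code: it lists ZIP members with an executable final extension, flags the document-style double extension seen here, and hashes each one for lookup. The extension lists, the size cap and the function names are assumptions, and the sample ZIP is constructed from harmless placeholder bytes.

```python
import hashlib
import io
import zipfile

# Assumed lists: extensions Windows runs directly, and common decoy extensions.
EXECUTABLE_EXTS = {"scr", "exe", "com", "pif", "bat", "cmd", "js", "vbs"}
DECOY_EXTS = {"pdf", "doc", "docx", "xls", "xlsx", "jpg", "txt", "rtf"}
MAX_MEMBER_BYTES = 5 * 1024 * 1024  # assumed cap so a huge member is not unpacked


def inspect_zip_attachment(zip_bytes):
    """Return one finding per archive member whose final extension is executable."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as archive:
        for info in archive.infolist():
            if info.is_dir():
                continue
            # Drop any directory part, then trailing dots/spaces that Windows ignores.
            base = info.filename.replace("\\", "/").rsplit("/", 1)[-1]
            parts = base.rstrip(". ").lower().split(".")
            if len(parts) < 2 or parts[-1] not in EXECUTABLE_EXTS:
                continue
            # Only unpack members below the cap; larger ones are reported unhashed.
            data = archive.read(info) if info.file_size <= MAX_MEMBER_BYTES else None
            findings.append({
                "name": info.filename,
                "size": info.file_size,
                "double_extension": len(parts) >= 3 and parts[-2] in DECOY_EXTS,
                "mz_header": data is not None and data[:2] == b"MZ",
                "sha256": hashlib.sha256(data).hexdigest() if data is not None else None,
            })
    return findings


def build_sample_zip():
    """Constructed sample: placeholder bytes, member named as in this campaign."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as archive:
        archive.writestr("Remittance_F033.PDF.scr", b"MZ" + b"\x00" * 62)
        archive.writestr("readme.txt", b"constructed benign member")
    return buf.getvalue()


if __name__ == "__main__":
    for finding in inspect_zip_attachment(build_sample_zip()):
        print(finding)
```

The `sha256` value of a real attachment member can be compared against the hash published above.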