exe file that gets renamed to hgfudf.exe and autorun (VirusTotal 18/63***). net/picture_library/logo.png which of course is -not- an image file but a renamed. Ref72381821.doc - Current Virus total detections 4/58*. "An email with the subject of 'Ref: 72381821' pretending to come from Barclays Bank but actually coming from a look-a-like domain Barclays -or- Barclays with a malicious word doc attachment is today’s latest spoof of a well known company, bank or public authority delivering Trickbot banking Trojan. The basic rule is NEVER open any attachment to an email, unless you are expecting it." SCAN_PO#: Extracts to: SCAN_PO#.exe - Current Virus total detections 23/64* Update: I am reliably informed it is nanocore RAT 1.2.2.0. All detections on VirusTotal are heuristic or generic detections but it is quite well detected. an email with the subject of 'RFQ072017' coming from Stafford Shawn (possibly random senders) but definitely coming via Yahoo email network with a zip attachment containing a file that pretends to be a pdf file but is an. Fake 'purchase order' SPAM - delivers malware
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |