Thursday, 26 March 2015

Fiserv Secure Email Notification - 2193855 secure.notification@fiserv.com

Fiserv Secure Email Notification - 2193855 secure.notification@fiserv.com email with a zip attachment...

Headers:
From: "Fiserv Secure Notification" {secure.notification@fiserv.com}
Subject: Fiserv Secure Email Notification - 2193855

Message body:
You have received a secure message

Read your secure message by opening the attachment, SecureFile.zip.

The attached file contains the encrypted message that you have received.

To read the encrypted message, complete the following steps:
 -  Double-click the encrypted message file attachment to download the file to your computer.
 -  Select whether to open the file or save it to your hard drive. Opening the file displays the attachment in a new browser window.

To access from a mobile device, forward this message to mobile@res.fiserv.com to receive a mobile login URL.

If you have concerns about the validity of this message, please contact the sender directly. For questions about secure e-mail encryption service, please contact technical support at 888.278.2454.

2000-2014 Fiserv Secure Systems, Inc. All rights reserved

There's a Zip file attached to the email:
SecureFile.zip

Inside the Zip file is a Windows Executable file:
SecureFile.scr
Sha256 Hashes (one example)
7db0da727b6a2f1b135959aefbc260048c06f2d4ae5faf13ac57c9fe7ad153d5    [1]

Malware Anti-Virus Reports (one example)
VirusTotal Report [1] (hits 5/57 Virus Scanners)
Malwr Report [1]
Hybrid Analysis Report [1]

Cheers,
Steve
Sanesecurity.com

1 comment:

Anonymous said...

This just came to my work email. Very sneaky!