Monday, 27 April 2015

HI Rob Robichaud Hub City Auto Paints and Supplies Ltd.

HI Rob Robichaud Hub City Auto Paints and Supplies Ltd. with a malware zip attached...

Headers:
From: {random}
Subject: HI{email address}
Message body:
Hello! Can you please check the Attachment that I have sent? I need your help.

Thanks
Rob Robichaud
Hub City Auto Paints and Supplies Ltd.
A Division of Autochoice Parts & Paints
CSR
153 Loftus St
Moncton, NB
E1E 2N3
Ph: 506-857-8394 ext 115
Cell:  506-381-1123
Fx:  506-858-7893
e-mail:  rob.robichaud@hubcityautopaints.com
web:  www.hubcityautopaints.com
Attached to the message is a Zip file:
kris- #70533363.zip
Inside the Zip file is a Windows Executable file:
Lmiya.exe
LOG.exe
Reports.exe
Sha256 Hashes:
e7537927352f7598a9afb64ea6bfb4e59936c8bda698720fdc69b290dd9b2241 [1]
4bb405eb9dfe78bf231ef696d6d3a1a87861f53245e0a22b182cb73133a9846e [2]
7b503b38f94671dea8f05aa56ed9b630cbfe1e1ec5a892fc7d2176a3d004dfbb [3]
Anti virus reports:
VirusTotal Report: [1] (Detection 2/57)
VirusTotal Report: [2] (Detection 2/57)
VirusTotal Report: [3] (Detection 2/57)

Cheers,
Steve
Sanesecurity.com

No comments: