Monday, 19 October 2015

NW - Leicester CRT Online banking application form CRM:017618675

NW - Leicester CRT Online banking application form  CRM:017618675 malware with an attached Online banking upd appl form.zip

Headers:
From: NW - Leicester CRT {Leicester.CMT@NatWest.com}
Subject: Online banking application form********* CRM:017618675
Message body:
Please find enclosed the requested online application form which
you will need to complete and return to myself via the post.
 
Kind Regards
 
Sal Melton
Relationship Manager's Assistant
Leicester Business Banking Customer Support
1st Floor
1 Granby Street
Leicester         
LE1 6EJ
Tel:  0116 2709615
Fax: 0116 2501160
E Mail: Sal.Melton@natwest.com
 
Internal depot code - 060
DATA CLASSIFICATION: unless otherwise stated the information contained within this email is CONFIDENTIAL

Attached to the message is a Zip file:
Online banking upd appl form.zip
Inside the Zip file is a Windows Executable file:
Online banking upd appl form.scr
Sha256 Hashes:
d46d08b4ee94c57efa56f55fdf995a88b64b3bd63a077577b5888fc750743d33 [1]
Anti virus reports:
VirusTotal Report: [1] (Detection 3/56)

Cheers,
Steve
Sanesecurity.com

No comments: