Thursday, 29 October 2015

Your eBay Invoice is Ready

Description:


Your eBay Invoice is Ready ebay_591278156712819_291015.zip malware.

Headers:

From: "eBay" {ebay@ebay.com}
Subject: Your eBay Invoice is Ready

Message Body:

LEASE DO NOT RESPOND - Emails to this address are not monitored or responded to.

Dear Customer,

Please open the attached file to view invoice.

If the attachment is in PDF format you may need Adobe Acrobat Reader to read or download this attachment. If you require Adobe Acrobat Reader this is available at no cost from the Adobe Website www.adobe.com

Attachment filenames:

ebay_591278156712819_291015.zip


Inside Zip attachment:

ebay_591278156712819_291015.exe

Sha256 Hashes:

 0a0818d1893eb92fb6535408d5a9b482960b62629492962f688917c9206d79f3 [1]

Malware Virus Scanner Reports:

VirusTotal Report: [1] (detection 3/56)

Sanesecurity Signature detection:

phish.ndb: Sanesecurity.Malware.25726.ZipHeur


It's also worth remembering that the company itself  may not have any knowledge of this email and any link(s) or attachment in the email. normally won't have come from their servers or IT systems but from an external bot net.

These bot-net emails normally have faked email headers/addresses. It's not advised to ring the the company themselves, as there won't really be anything they can do to help you.



Cheers,
Steve

No comments: