Thursday, 29 October 2015

Your eBay Invoice is Ready


Your eBay Invoice is Ready malware.


From: "eBay" {}
Subject: Your eBay Invoice is Ready

Message Body:

LEASE DO NOT RESPOND - Emails to this address are not monitored or responded to.

Dear Customer,

Please open the attached file to view invoice.

If the attachment is in PDF format you may need Adobe Acrobat Reader to read or download this attachment. If you require Adobe Acrobat Reader this is available at no cost from the Adobe Website

Attachment filenames:

Inside Zip attachment:


Sha256 Hashes:

 0a0818d1893eb92fb6535408d5a9b482960b62629492962f688917c9206d79f3 [1]

Malware Virus Scanner Reports:

VirusTotal Report: [1] (detection 3/56)

Sanesecurity Signature detection:

phish.ndb: Sanesecurity.Malware.25726.ZipHeur

It's also worth remembering that the company itself  may not have any knowledge of this email and any link(s) or attachment in the email. normally won't have come from their servers or IT systems but from an external bot net.

These bot-net emails normally have faked email headers/addresses. It's not advised to ring the the company themselves, as there won't really be anything they can do to help you.


No comments: