FW: Invoice 3227933 - ADP scam - malware P2P Zeus

Date: Wed, 2 Oct 2013 10:47:08 -0500
From: "Myles Mitchell" <Myles.Mitchell@adp.com>
To: 
Subject: FW: Invoice 3227933
Attachments: Invoice_OCT-02-2013.zip
Your invoice is attached.

Sincerely,
Myles Mitchell

This e-mail has been sent from an automated system.  PLEASE DO NOT REPLY.

The information contained in this message may be privileged, confidential and protected from disclosure. If the reader of this message is not the intended recipient, or an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify your representative immediately and delete this message from your computer.
=============================================================
Header

Envelope From: fraud@aexp.com
Envelope To:
Content-Type: multipart/mixed; boundary="----=_Part_59083_1608223493.5123402938963"
Date: Wed, 2 Oct 2013 10:47:08 -0500
From: "Myles Mitchell" <Myles.Mitchell@adp.com>
MIME-Version: 1.0
Message-ID: <524C3E4D.9050905@adp.com>
Received: from aexp.com ([216.46.17.202]) by  xxxxxx with SMTP; Wed, 02 Oct 2013 17:47:10 CEST
Received: from [101.224.135.214] (port=53677 helo=[10.0.1.27]) by 216.46.17.202 with asmtp id 1rqLaL-0002P-00 for xxxxxxxx; Wed, 2 Oct 2013 10:47:08 -0500
To:xxxxxx
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20110929 Thunderbird/7.0.1
X-Mras: Ok
X-Spam: Not detected

https://www.virustotal.com/en/file/8046e285022558fc25add88d1bc107158430408db221e81b5f0a3e1aab6bc5f4/analysis/
SHA256: 8046e285022558fc25add88d1bc107158430408db221e81b5f0a3e1aab6bc5f4
SHA1: 0fc78febb6e37863a7e84d0b0ca0f19ff54fba4a
MD5: 705e1bf36292d6acb74b8fbe20b5f7b6
File size: 27.0 KB ( 27648 bytes )
File name: Invoice_OCT-02-2013.exe
File type: Win32 EXE
Tags: peexe
Detection ratio: 12 / 48
Analysis date: 2013-10-02 22:15:03 UTC ( 7 minutes ago )
Antivirus             Result                      Update
Ikarus                Win32.Outbreak              20131002
VIPRE                 Win32.Malware!Drop          20131002
F-Prot                W32/Trojan3.GDE             20131002
Commtouch             W32/Trojan.AIPM-3539        20131002
Emsisoft              Trojan.Win32.Tepfer (A)     20131002
Kaspersky             Trojan.Win32.Agent.iavy     20131002
DrWeb                 Trojan.DownLoad3.28161      20131002
TrendMicro-HouseCall  TROJ_GEN.F0D1H00J213        20131002
Sophos                Troj/Mdrop-FLP              20131002
AntiVir               TR/Crypt.ZPACK.Gen          20131002
McAfee                Artemis!705E1BF36292        20131002
McAfee-GW-Edition     Artemis!705E1BF36292        20131002

C2
emrlogistics.com
103.14.122.57



