Fake order delivering AveMaria stealer with difficult office doc.

I had a bit of a problem trying to analyse this malware today. The Word doc looks pretty average at first glance, but trying to run it in Anyrun on a W7 32 or 64 bit version of Windows gave me VBA errors. It also wouldn’t run on 64 bit version…

Fake Hillconmining Incoming20414 email delivers Formbook

A very slightly strange and less usual malware campaign this morning that does eventually deliver Formbook. The email is nothing special, very terse & bland, and just says “Kindly find the attachment”. It has 2 Microsoft Word Doc attac…

Fake Bank Detail For Funds Transfer delivers info stealer malware

We have been in a bit of a lull with a quiet couple of weeks on the malware front in the UK, but that seems to have come to an end overnight and early this morning. Most of the malware are very common, well known versions of Lokibot, Hawkeye and a marg…

Big change in the plague of Blackmail, Sextortion Scam attempts

Today we have seen a big change in the plague of Blackmail, Sextortion Scam attempts we have all been seeing over the last few months and even years. The emails will all basically say that he has placed a keylogger on your computer and has evidence o…

Agent Tesla keylogger via fake Request for Quotation

Yet another Agent Tesla Keylogger / Info-stealer Trojan malware delivered via a fake Request for Quotation email with a malicious Excel XLS spreadsheet attachment using Microsoft Equation Editor Exploit CVE-2017-11882. We see dozens of this sort of ema…

Fake sentencing report delivers some sort of malware via a complicated chain.

I really don’t know what I have got here. I am totally and utterly confused by it. I don’t know if it even works or runs, or whether it just fails in anyrun or any other online sandbox, but will run on a “normal” computer. It al…

Fake order confirmation for refurbished Samsung TV delivers Malware

I have a bit of a strange one here from yesterday evening. I received a couple of different copies of this email, both coming from the same server and IP number but with different alleged senders. I am not exactly sure what it is, although some detect…