Threat Outbreak Alert RuleID10222: Email Messages Distributing Malicious Software on June 4, 2014

2014-06-04T19:01:45
ID CISCO-THREAT-34541
Type ciscothreats
Reporter Cisco
Modified 2014-06-04T19:01:45

Description

Medium

Alert ID: 34541

First Published: 2014 June 4 19:01 GMT

Version: 1

Summary

  • Cisco Security has detected significant activity related to spam email messages distributing malicious software.

Email messages that are related to this threat (RuleID10222) may contain the following files:

Name | Size in Bytes | MD5 Checksum
---|---|---
Invoice_Apple_Inc.05_2014_05PDF.zip/Invoice_#MCA-LA-0801E37YT6UY5437YT6UY54-2_Apple_Inc.05_2014_05%PDF-2.7.exe | 321,256 | 0x3595E9BD59859682C386DA452C3FE211

The following text is a sample of the email message that is associated with this threat outbreak:

> Message Body:

Dear Client, Dear Customer,
We acknowledge receipt of your order placed on our Apple website and we thank you. Your order is being prepared, you will receive an email confirming the shipment of
your parcel. You can find information about your order and the product you have ordered below.
ORDER NUMBER: MCA-LA-0801E37YT6
Ordering Information
Order Date: May 30, 2014 8:23:11 PM EST
Delivery: Express delivery
Apple - Macbook - Laptop 13"(MD760F/A) 1366,30 EUR
Technical description:
- Intel Core i5 (4th Generation) 1.3 GHz.
- LED backlight.
- Integrated memory controller, Intel Turbo Boost Technology 2.0.
- Graphics Processor Intel HD Graphics 5000.
- Stereo speakers, two microphones.
- Battery Technology Lithium polymer.
- Camera Integrated webcam.
- RAM memory max support 8GB
- Operating System Apple OS X 10.9 Mavericks.
ASSISTANCE AND CUSTOMER SERVICE - hxxp://www.rueducommerce.fr Customer Service.
receipt
In the event of a problem with your product, billing or your order, please contact our technical support department at the following address hxxp://www.rueducommerce.fr.
DOWNLOAD YOUR INVOICE - you have 7 days to download before the end of the link.
download
Download Your invoice for your order U6100484802 of May 30, 2014
Please note that: the number of options available may vary depending on the mode of payment chosen and the current status of your order.
Total: EUR 1310.40
Frais de Port: EUR 55.90
Total of Order: EUR 1366,30
Copyright © 2014 Apple Inc. Tous droits réservés.

Cisco security appliances can help protect customers during the critical period between the first exploit of a virus outbreak and the release of vendor antivirus signatures. Cisco Web Security Appliances help secure and control web and email traffic by offering layers of malware protection. Cisco security appliances are automatically updated to help prevent both spam email and hostile web URLs from being passed to the end user.

Related Links
Cisco Security
Cisco SenderBase Security Network

Revision History

Version | Description | Section | Date
---|---|---|---
1 | Initial Release | | 2014-June-04 19:01 GMT

Legal Disclaimer

  • THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE ALERTS AT ANY TIME.

A standalone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy and may lack important information or contain factual errors. The information in this document is intended for end users of Cisco products