2015 September 29 19:39 GMT
2015 September 30 14:07 GMT
Email messages that are related to this threat (RuleID18357 and RuleID18357KVR) may contain the following files:
Name | Size in Bytes | MD5 Checksum
Bank_mentation saskatoon calculating_protection.zip / semijoin migration flows tableau.exe
Bank_quill backgammon finally_protection.zip / unique identifier anticipator superposable.exe | 45,568
Bank_vine weighed foolhardy_protection.zip / trading affranchise sours.exe | 45,568
Bank_avocados indivertible job lot_protection.zip / trample socialistic gourmet.exe | 45,568
The following text is a sample of the email message that is associated with this threat outbreak:
> Subject: Blocked access notification letter
We have detected suspicious activity with Your Online-Banking profile. Please be informed that
the access and some capabilities of Your profile were restricted for security reasons. Temporarily
You cannot conduct transactions with online-banking profile. In order to obtain full management
powers You have to fill in and send back the attached form.
Please use codename for authorization (contained in the attachment).
Online-Banking profile: 830820624580938466
Code Name: mentation saskatoon calculating
Our security department representative will contact You later to provide further instructions.
NAB Support Team.
> Subject: Confined access notification letter
> Subject: Limited profile notice
Subject: Confined access alert
Cisco security appliances can help protect customers during the critical period between the first exploit of a virus outbreak and the release of vendor antivirus signatures. Cisco Web Security Appliances help secure and control web and email traffic by offering layers of malware protection. Cisco security appliances are automatically updated to help prevent both spam email and hostile web URLs from being passed to the end user.
A standalone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy and may lack important information or contain factual errors. The information in this document is intended for end users of Cisco products