2015 October 14 19:14 GMT
2015 October 16 12:52 GMT
Email messages that are related to this threat (RuleID18700 and RuleID18700KVR) may contain the following files:
Name | Size in Bytes | MD5 Checksum
pm2.exe | 186,368
pm2.exe | 111,104
The following text is a sample of the email message that is associated with this threat outbreak:
> Subject: sued
I got this subpoena in my mail box today, saying that I have been sued by *you.*
I am sorry but I don't even know what this is.
I am attaching a scanned copy , please let me know what this is about
> Subject: Incoming fax document from Caller ID 650-472-4289
A new fax document was sent to you through ringcentral.com.
Sender ID : 650-472-4289
You can view your fax by opening the attached file.
Please note that Microsoft Office must be installed on your computer.
Cisco security appliances can help protect customers during the critical period between the first exploit of a virus outbreak and the release of vendor antivirus signatures. Cisco Web Security Appliances help secure and control web and email traffic by offering layers of malware protection. Cisco security appliances are automatically updated to help prevent both spam email and hostile web URLs from being passed to the end user.
A standalone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy and may lack important information or contain factual errors. The information in this document is intended for end users of Cisco products