Threat Outbreak Alert RuleID23876: Email Messages Distributing Malicious Software on July 20, 2016

2016-07-20T15:50:32
ID CISCO-THREAT-47160
Type ciscothreats
Reporter Cisco
Modified 2016-07-20T15:50:32

Description

Medium

Alert ID: 47160

First Published: 2016 July 20 15:50 GMT

Version: 1

Summary

  • Cisco Security has detected significant activity related to spam email messages distributing malicious software.

Email messages that are related to this threat (RuleID23876) may contain the following files:

Name | Size in Bytes | MD5 Checksum
---|---|---
INVOICE #564643.vbs | 1,878,970 | 0xFAA8925BDB9D765835328A88705D8CA0

The following text is a sample of the email message that is associated with this threat outbreak:

> Subject: Purchase Order

Message Body:

Good day.
Urgently go through the attached file with our recent purchase list and treat with urgency.
Looking forward for your for your immediate response on availability.
Regards
Debbie | Accountant
Mob: +965 9002 5788 | Ph: +965 2471 2298, 2475 0937 | Ext: 110
Fax: +965 2471 2886 | Skype: jose.fll
P.O Box 314, Farwaniya 81014, Kuwait
www.fllogistics.com | An ISO 9001: 2008 Company
Kuwait | UAE | KSA | Iraq | India
Find & Follow us @


This e-mail and any attachments may contain confidential and privileged material for the sole use of the intended recipient(s). Any review or distribution by anyone other than the intended recipient(s) is strictly prohibited. If you are not the intended recipient(s), please contact the sender and delete all copies of this e-mail immediately.



All services Offered by FLL Group of Companies are subject to Insurance being arranged by the customer and According to the Standard Terms and Conditions, a copy of which can be viewed in our website or can be obtained from our Administrative Department.



Cisco security appliances can help protect customers during the critical period between the first exploit of a virus outbreak and the release of vendor antivirus signatures. Cisco Web Security Appliances help secure and control web and email traffic by offering layers of malware protection. Cisco security appliances are automatically updated to help prevent both spam email and hostile web URLs from being passed to the end user.

Related Links
Cisco Security
Cisco SenderBase Security Network

Revision History

Version | Description | Section | Date
---|---|---|---
1 | Initial Release | | 2016-July-20 15:50 GMT

Legal Disclaimer

  • THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE ALERTS AT ANY TIME.

A standalone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy and may lack important information or contain factual errors. The information in this document is intended for end users of Cisco products