Threat Outbreak Alert RuleID24305: Email Messages Distributing Malicious Software on August 15, 2016

2016-08-15T16:18:13
ID CISCO-THREAT-48480
Type ciscothreats
Reporter Cisco
Modified 2016-08-15T16:18:13

Description

Medium

Alert ID: 48480

First Published: 2016 August 15 16:18 GMT

Version: 1

Summary

  • Cisco Security has detected significant activity related to spam email messages distributing malicious software.

Email messages that are related to this threat (RuleID24305) may contain the following files:

Name | Size in Bytes | MD5 Checksum
---|---|---
EURO 37500 SWIFT.7z / EURO 37500 SWIFT.exe | 582,656 | 0x216D2324BB9277CCDCD5088EC28730B1

The following text is a sample of the email message that is associated with this threat outbreak:

> Subject: Attention,

Message Body:

**Please see attached payment swift document based on the instruction from our customer.
Should you have any inquiry or require assistance, please contact your payer (our customer) at the contact number stated in the attached advice.Please note that you will need Adobe Acrobat Reader Version 5.0 or above to view your advice. If you do not have the required software,
you can download it from the Adobe website at www.adobe.com
Best Regards,
Emirates NBD Bank
P.O. Box 777 Deira,
Dubai United Arab Emirates
Phone: +971 600 540040
Fax: +971 4 327 2996


Disclaimer
This email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please delete all copies and notify the sender immediately. You may
emmalyn2020: wish to refer to the incorporation details of Emirates NBD, Emirates NBD Bank and their subsidiaries at hxxp://www.emiratesnbd.com/en/**

Cisco security appliances can help protect customers during the critical period between the first exploit of a virus outbreak and the release of vendor antivirus signatures. Cisco Web Security Appliances help secure and control web and email traffic by offering layers of malware protection. Cisco security appliances are automatically updated to help prevent both spam email and hostile web URLs from being passed to the end user.

Revision History

Version | Description | Section | Date
---|---|---|---
1 | Initial Release | ? | 2016-August-15

Legal Disclaimer

  • THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE ALERTS AT ANY TIME.

A standalone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy and may lack important information or contain factual errors. The information in this document is intended for end users of Cisco products