Threat Outbreak Alert RuleID33330: Email Messages Distributing Malicious Software on August 13, 2018

2018-08-14T20:18:34
ID CISCO-THREAT-58729
Type ciscothreats
Reporter Cisco
Modified 2018-08-14T20:18:34

Description

Medium

Alert ID:

58729

First Published:

2018 August 14 20:18 GMT

Version:

1

Summary

  • Cisco Security has detected significant activity related to spam email messages distributing malicious software.

Email messages that are related to this threat (RuleID33330) may contain the following files:

Name | Size in Bytes | MD5 Checksum
---|---|---
INQYUIRY.jar
| 489,393
| 0x8DF677DCDDCE0B9BA9A28EE40EBE04CC

The following text is a sample of the email message that is associated with this threat outbreak:

> Subject: Re: Inquiry_Quote/25/7/18

> Message Body:

>
Good day,
Please quote me your best C & F price along-with technical literature for attached file at your earliest not later than July 28 2018.
Note: 1. Relevant drawings are also to be submitted herewith please.
2. Your offer should reach us within the validity of RFQ due date.
Requirements for the quotations:
1) Your quotation shall be submitted on your company’s letterhead and must be signed by an authorized person;
2) All items are required to be quoted with Data Sheets in Technical part.
3) If analogue offered there should be provided comprehensive information, such as: data sheets, any technical information, in order to be able to evaluate the analogue in regards to technical characteristics, dimensions, etc.
4) Your quotation shall contain payment terms;
5) Quotation shall be prepared in the format attached to this e-mail.
6) Your quotation shall be valid for a period of 60 days from the date of quotation submission deadline set by D.G. Khan Co. Ltd.
7) Quotations submitted after the deadline will not be reviewed.
P.S.: Please do not hesitate to contact us if you need any clarifications regarding this Request for Quotation.
Regards,
¦Purchase Department

Cisco security appliances can help protect customers during the critical period between the first exploit of a virus outbreak and the release of vendor antivirus signatures. Cisco Web Security Appliances help secure and control web and email traffic by offering layers of malware protection. Cisco security appliances are automatically updated to help prevent both spam email and hostile web URLs from being passed to the end user.

Revision History

  • Version | Description | Section | Date
    ---|---|---|---
    1 | Initial release to report significant activity detected by Cisco Security on August 13, 2018. | — | 2018-August-14
    Show Less

Legal Disclaimer

  • THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE ALERTS AT ANY TIME.

A standalone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy and may lack important information or contain factual errors. The information in this document is intended for end users of Cisco products