Description
Cisco Security Intelligence Operations has detected significant activity related to spam e-mail messages that claim to contain a a bank money deposit notification for the recipient. The text in the e-mail message attempts to convince the recipient to open the attachment and view the details. However, the attachment contains a malicious .scr file that, when executed, attempts to infect the system with malicious code.
E-mail messages that are related to this threat (RuleID5345) may contain the following file: Deposit Slip.scr
The Deposit Slip.scr has a file size of 197,120 bytes. The MD5 checksum, which is a unique identifier of the executable, is the following string: 0xFEFE84F143490A9F9F38DC2E007222BF
The following text section is a sample of the e-mail message that is associated with this threat outbreak:
Subject: I have Deposited the Funds Into Your Account Today
Message Body:
I have make the Bank deposit into your account Today, Attached is a copy of the Payment that was deposited, Please Download and open to clarify that this payment was deposited.
Regards,
James Steve.
Source: Cisco
