Description
Cisco Security Intelligence Operations has detected significant activity related to spam e-mail messages that claim to contain a bank account update for the recipient. The text in the e-mail message attempts to convince the recipient to open the attachment and view the details. However, the .zip attachment contains a malicious .exe file that, when executed, attempts to infect the system with malicious code.
E-mail messages that are related to this threat (RuleID5403) may contain the following files:
Bendigo_Bank_-_Account_Updates.zip
Bendigo_Bank_-_Account_Updates.exe
The Bendigo_Bank_-_Account_Updates.exe file in the Bendigo_Bank_-_Account_Updates.zip attachment has a file size of 154,624 bytes. The MD5 checksum, which is a unique identifier of the executable, is the following string: 0x59D52A9E74BA0DE914BA78330308F6DD
The following text is a sample of the e-mail message that is associated with this threat outbreak:
Message Body:
Billie Sizemore
Bendigo and Adelaide Bank
Phone:1800 061 135
Direct :03 54850542
Mobile: 0401597255
********************************************************************************
This communication is intended only for use of the addressee and may contain legally privileged and confidential information.
If you are not the addressee or intended recipient, you are notified that any dissemination, copying or use of any of the information is unauthorised.
The legal privilege and confidentiality attached to this e-mail is not waived, lost or destroyed by reason of a mistaken delivery to you.
If you have received this message in error, we would appreciate an immediate notification via e-mail to CustomerContactandCareMailbox@bendigoadelaide.com.au or by phoning 1300 BENDIGO (1300 236 344), and ask that the e-mail be permanently deleted from your system.
Bendigo and Adelaide Bank Limited ABN 11 068 049 178
********************************************************************************
Source: Cisco