Description
Cisco Security Intelligence Operations has detected significant activity related to German-language spam e-mail messages that claim to contain a credit card offer for the recipient. The text in the e-mail message attempts to convince the recipient to open the attachment and view the details. However, the .zip attachment contains a malicious .exe file that, when executed, attempts to infect the system with malicious code.
E-mail messages that are related to this threat (RuleID5480) may contain any of the following files:
Rechnung_03_2013_345328286.zip
Rechnung_03_2013_546328286.exe
The Rechnung_03_2013_546328286.exe file in the Rechnung_03_2013_345328286.zip attachment has an approximate file size of 211,251 bytes. The MD5 checksum is not available.
The following text section is a sample of the e-mail message that is associated with this threat outbreak:
Subject: Gebhrenfrei_MasterCard_Gold_-_RechnungOnline_5478446_vom_02_Mrz_2013
Message Body:
Rechnung Gebührenfrei MasterCard Gold
anhängend an diese E-Mail erhalten Sie die aktuelle Rechnung für Ihre Gebührenfrei MasterCard GOLD.
Nachstehend finden Sie eine Zusammenfassung Ihrer aktuellen Rechnungsdaten:
Ihr aktuelles Kreditlimit
5.000,00 EUR
Verfügbar
4.587,66 EUR
Saldo
412,34 EUR
Mindestbetrag
30,00 EUR
fällig am
08.03.2013
Source: Cisco