FYI...
Fake 'Office 365 update' SPAM - delivers Trojan
- https://myonlinesecurity.co.uk/fake-...anking-trojan/
23 Oct 2017 - "... an email with the subject of 'Office 365' pretending to come from Microsoft Security Team but actually coming via what looks like a compromised email account...
Screenshot: https://myonlinesecurity.co.uk/wp-co...65_cthonic.png
office_security_update.zip: Extracts to: ms_office_update.exe - Current Virus total detections 13/67*.
Payload Security**...
Update: after digging around the mail server quarantine, I have found several of these, coming via numerous different -compromised- email accounts. All of them have the same malformed content with no accessible attachment... The basic rule is NEVER open any attachment or link in an email, unless you are expecting it..."
* https://www.virustotal.com/en/file/7...is/1508670171/
ms_office_update.exe
** https://www.hybrid-analysis.com/samp...ironmentId=100
DNS Requests
35.189.99.49
Contacted Hosts
45.63.25.55
5.9.49.12
87.98.175.85
141.138.157.53
45.63.99.180
45.32.28.232
108.61.164.218
45.56.117.118
23.94.5.133
51.255.48.78
35.189.99.49
144.76.133.38