malware

SOTD: Quote

-email body-

Dear,

Per your request, here is the quote from PermaTherm (please see attached). After your review of the quote please give me a call to discuss if you have any questions.

Please let me know if your project requires engineering services or shop drawings. These services are not provided by Permatherm but we will be happy to provide a referral.

Thanks again for the opportunity to serve you,

Brigette Adams
Inside Sales

PermaTherm Inc.
The Green Choice
269 Industrial Park Rd.
Monticello, GA 31064
706-468-7500 (Main)
706-819-5072 (Direct)
877-468-7500 (Toll Free)
706-819-3012 (Cell)
brigette@permatherm.net
www.permatherm.net

-end email-

Attached file info:

SHA256: 1b8a0ee0ad1e9349ea8c6a20929759a1f22395a4d71f3e2c158f28edd99e0b28
File name: document.zip

Profiled via VirusTotal:

https://www.virustotal.com/en/file/1b8a0ee0ad1e9349ea8c6a20929759a1f22395a4d71f3e2c158f28edd99e0b28/analysis/1426168464/

 

Please note: The company associated with the domain used for this email may not have any knowledge of this email being sent out, as it's clearly forged.

The best suggestion is to delete this if your spam / malware / antivirus solution has not.

SOTD: Please

-email body-

Good Afternoon,

 

Please find attached notice regarding carriers pre-filing for an additional General Rate Increase for effective date of April 9, 2015.  Please note, we are advising you of this filing in order to comply with FMC regulations.  However, we feel it is unlikely that the carriers will be successful in implementing this increase, especially since the March 9th GRI has already been postponed to March 17th.  We will continue to keep you updated as we receive additional information pertaining to these filed rate increases.

 

Phoenix Zhang-Shin

Director

P & J International Ltd

Calverley House, 55 Calverley Road

Tunbridge Wells, Kent, UK TN1 2TU

Tel: 0044 1892 525588

Fax: 0044 1892 522277

Mob: 0044 7771802252

 

This email and any attachments are confidential and solely for the use of the intended recipient. They may contain material protected by legal, professional or other privilege. All correspondence with and communication with us is governed by and subject to our Standard Terms and Conditions of Sale (March 2010) (Our STCs), a copy of which has been provided to you and which is available on request or on our web-site

– end email – 

Attached file:

SHA256: e2b2d125ccc83ce749c6e5bcba2e64c764f764afe35d13616c4d348a45c8bf3b
File name: documents-id323.zip

Analysis reference: https://www.virustotal.com/en/file/e2b2d125ccc83ce749c6e5bcba2e64c764f764afe35d13616c4d348a45c8bf3b/analysis/1426087752/

 

SOTD: Statement from MARKETING & TECHNOLOGY GROUP, INC.

Another case of Monday morning spam/malware

– message body –

Dear Customer :

Your statement is attached. Please remit payment at your
earliest convenience.

Thank you for your business – we appreciate it very
much.

Sincerely,

MARKETING & TECHNOLOGY GROUP, INC.

– end of message –

 – message also has a file attachment –

docs2015.zip

– inside of the zip file is an executable –

docs2015.exe

Virus Found: Win32/Kryptik.DBCZ trojan

– end –

Please note: The company associated with the domain used for this email may not have any knowledge of this email being sent out, as it's clearly forged.

The best suggestion is to delete this if your spam / malware / antivirus solution has not.

 

SOTD: JP Morgan Access Secure Message

This one comes in via email with the attachment: JP Morgan Access – Secure.zip

SHA256: 45dd07fc7308fc60110b3bad211c0e4c2b7e9797f1a3a857aef357277f487777

Flagged by the following: https://www.virustotal.com/en/file/45dd07fc7308fc60110b3bad211c0e4c2b7e9797f1a3a857aef357277f487777/analysis/1425311041/

 

Email Body:

Please check attached file(s) for your latest account documents regarding your online account.

Leon Hartman
Level III Account Management Officer
817-666-9746 office
817-802-6412 cell
Leon.Hartman@jpmorgan.com

Investments in securities and insurance products are:
NOT FDIC-INSURED/NO BANK-GUARANTEES/MAY LOSE VALUE

2015 JPMorgan Chase & Co.

CONFIDENTIAL NOTICE: The contents of this message, including any attachments, are confidential and are intended solely for the use of the person or entity to whom the message was addressed. If you are not the intended recipient of this message, please be advised that any dissemination, distribution, or use of the contents of this message is strictly prohibited. If you received this message in error, please notify the sender. Please also permanently delete all copies of the original message and any attached documentation. Thank you.

SOTD: My posts of spam emails

We all dislike it and there seems to be no end to it. So why not blog about it?

SPAM! The unsolicited email message that you never wanted, didn’t ask for, yet receive daily.

I will be posting the email subject and body along with any attachments found (the attachments themselves will not be in my posts, only their names and any malware info found).