Phishing Email – RAR file attachment appears to be a certificate

The best Cyberwar News Forums Malware & Phishing research Phishing Email – RAR file attachment appears to be a certificate

Tagged: 

This topic contains 1 reply, has 2 voices, and was last updated by  CWZ 9 months, 1 week ago. This post has been viewed 3756 times

Viewing 2 posts - 1 through 2 (of 2 total)
  • Author
    Posts
  • #47229 Reply

    Jason Breeze

    Recently, we’ve received 100s of phishing emails from the same email address that contained what appeared to be an ‘invoice’ in a .rar file format. After running ‘strings’ on the file attachment, the file appears to contain a MIME certificate. Has anyone seen anything like this? The rar file when opened in windows claims to be

    Some added info – roughly 3 days earlier, we received a round of phishing emails. My fear is that this rar file is some kind of key to setup a covert channel.

    Any advice is appreciated!

    #47233 Reply

    CWZ
    Keymaster

    Hi Jason, we will be needing some details to do some analysis. Have you tried to upload the files to the virustotal website? You can find the site here; http://www.virustotal.com

    Once you upload it there, it will be scanned by 52+ antivirus programs. The report will also be generated immediatly for you. If you still have questions after the report, then feel free to share the report url from VirusTotal.

    Reminder; There are hundreds of malicious mails that contain the “locky” ransomware.

    Good luck.

Viewing 2 posts - 1 through 2 (of 2 total)
Reply To: Phishing Email – RAR file attachment appears to be a certificate
Your information: