Comments

Amazon Order details – fake document malware — 8 Comments

  1. These continue to be spammed out daily and the malware attachment changes slightly each day, so be aware and don’t open the attachments, just delete them immediately they arrive. It always takes a few hours or even a whole day before your antivirus will keep up and issue new definitions to protect you.
    Virus Total detections 1/48 https://www.virustotal.com/en/file/a1b2ca37ec2e9d0a781a4b21fbb64d8ce76874dbf2ac8d3715b7106afe6eab36/analysis/
    https://malwr.com/analysis/YWEyYTE3ZjVjNWI1NDJiNThlMGM5Njg2MTNjODEzNzM/

  2. Good morning,
    Thanks for your order. We’ll let you know once your item(s) have dispatched.You can check the status of your order or make changes to it by visiting Your Orders on Amazon.co.uk.

    Order Details
    Order ID342-6686596-1652296 Placed on October 11, 2014
    Order details and invoice in attached file.
    Need to make changes to your order? Visit our Help page for more information and video guides.
    We hope to see you again soon. Amazon.co.uk

  3. New one arrived today as a plain .doc file, not zipped or .exe. Detection rate on virustotal = 0, but a few people have already voted it as suspicious. Apparently contains Cyrillic text, FWIW. Presumably the payload is delivered by macros.

Leave a Reply

Your email address will not be published. Required fields are marked *