Email “Remittance Advice” Bailey of Bristol contains trojan


MX Lab, http://www.mxlab.eu, started to intercept a new trojan distribution campaign by email with the subject “Remittance Advice”.

This email is send from the spoofed addresses and has the following body:

Remittance Advice from Bailey of Bristol
Dear,
We are making a payment to you.
Please find attached a copy of our remittance advice, done on 5/09/2014.
If you have any questions regarding the remittance please contact us using the details below.

Kind regards
Sybil Martin
Bailey of Bristol
Tel: 949 906-5058
Fax: 949 820-2704

The attached ZIP file has the name Remittance_F033.zip and contains the 70 kB large file Remittance_F033.PDF.scr.

The trojan is known as HEUR/Malware.QVM19.Gen or Mal/Generic-S.

At the time of writing, 2 of the 55 AV engines did detect the trojan at Virus Total.

Use the Virus Total permalink for more detailed information.
SHA256: 0468f95e7fde8345215692208e80da2fd8bb6ae288b50425eb39b26004e66ea6

2 thoughts on “Email “Remittance Advice” Bailey of Bristol contains trojan

Comments are closed.