NUEVO MAIL MALICIOSO QUE ANEXA FICHERO CON EXTENSION .R00 QUE ES UN RAR QUE CONTIENE UN EXE CONTROLADO COMO FUERBOOS

NUEVO MAIL MALICIOSO QUE ANEXA FICHERO R00 QUE ES UN RAR QUE CONTIENE UN EXE CONTROLADO COMO FUERBOOS

El texto del mail en cuestión es el siguiente:

____________

Asunto: Project Quotation
De: “Marleen Crauwels” <marleen@alphadistribution.be>
Fecha: 20/11/2018 14:43
Para: “Marleen Crauwels” <marleen.alphadistribution@dr.com>

Good greetings,

Hope you this email finds you well.

My name is Marleen, I am project manager at MAPCO LLC.

We are looking for reliable partner with own production to work together as a team on our upcoming projects.

I would like to ask you to send us quotation for the following project.

Please find attached one of the designs we are working on and also the description- we have 2 options.

CLIENT: VIVO GAMING

SHOW: ICE LINDON 2019

For VIVO Gaming the budget is the most important and that’s why we will need also your advise if we should change any of the elements and replace with something else, in order to have lower price.

If you have any questions, please let me know.

Wish you a great day ahead!

Best regards,

Marleen Crauwels

Project Manager

MAPCO LLC – Al Mazroui Group of Companies
P.O. Box 2035, Abu Dhabi, UAE
Tel + 971 2 678 3626

ANEXADO: New Design 6046_pdf.R00 (fichero RAR malicioso que contiene un EXE que pasamos a controlar como Trojan Fuerboos)

____________

to: Project Quotation De: "Marleen Crauwels" <marleen@alphadistribution.be> Fecha: 20/11/2018 14:43 Para: "Marleen Crauwels" <marleen.alphadistribution@dr.com> Good greetings, Hope you this email finds you well. My name is Marleen, I am project manager at MAPCO LLC. We are looking for reliable partner with own production to work together as a team on our upcoming projects. I would like to ask you to send us quotation for the following project. Please find attached one of the designs we are working on and also the description- we have 2 options. CLIENT: VIVO GAMING SHOW: ICE LINDON 2019 For VIVO Gaming the budget is the most important and that’s why we will need also your advise if we should change any of the elements and replace with something else, in order to have lower price. If you have any questions, please let me know. Wish you a great day ahead! Best regards, Marleen Crauwels Project Manager MAPCO LLC – Al Mazroui Group of Companies P.O. Box 2035, Abu Dhabi, UAE Tel + 971 2 678 3626 ANEXADO: New Design 6046_pdf.R00 (fichero RAR malicioso que contiene un EXE que pasamos a controlar como Trojan Fuerboos) ____________ El preanalisis de virustotal sobre el fichero contenido en el RAR, ofrece el siguiente informe: https://www.virustotal.com/es/file/3792c3a75836e60c887bc81f8852ea4462061bd53452e9ad19198bf2b29ca1f1/analysis/1542727435/ Lo pasamos a controlar como TROJAN FUERBOOS a partir del ELISTARA 40.14 de hoy saludos ms, 20-11-2018″ target=”_blank” rel=”noopener”>El preanalisis de virustotal sobre el fichero contenido en el RAR, ofrece el siguiente informe>

Lo pasamos a controlar como TROJAN FUERBOOS a partir del ELISTARA 40.14 de hoy

NOTA: Cabe indicar que el fichero extraido tiene doble extensión, .PDF.EXE , de manera que los usuarios que no vean todas  las extensiones puedan pensar que se trata de un PDF inocente, no de un EXE…

saludos

ms, 20-11-2018